Roles
RapidIdentity uses Roles to manage access and authorization across its components and their modules. In the initial configuration of RapidIdentity, the only role visible is System Admin. Roles for other RapidIdentity components are visible after their installation.
Roles configuration was previously located in the RapidIdentity Appliance | Core Configuration | Roles tab in the legacy user interface. The primary update in the new user interfaces for Roles is that the Roles table more clearly designates roles by RapidIdentity product.
Roles maps directory groups to these roles.
The System Admin role is the only global role and defines what users can access the Configuration module in RapidIdentity Portal, RapidIdentity Connect, and RapidIdentity Folders.
This role also enables the Help Desk role in RapidIdentity Portal. The magnifying glass opens the LDAP object directory tree.
Role | Privileges |
|---|---|
RapidIdentity Connect Admin | Can see all information, create/edit/delete Action Sets, run actions, schedule jobs, manage files. |
RapidIdentity Connect Auditor | Can see all information but cannot change anything. |
RapidIdentity Connect Operator | Can see all information, run actions sets, schedule jobs, manage files, but not create/edit/delete Action Sets. |
RapidIdentity Folders Admin | Can see all information, create/edit/delete policies and templates, add users and groups to backlog, clear backlog problem queue. |
RapidIdentity Folders Auditor | Can see all information but cannot change anything. |
RapidIdentity Folders Admin | Can see all information, view policies and templates, add users and groups to backlog, clear backlog problem queue. |
RapidIdentity Portal Applications Helpdesk | Enables “Other Applications” which displays the application assignments |
RapidIdentity Portal Applications Admin | Enables “Extended” tab in Applications Module configuration. |
RapidIdentity Portal Dashboard Admin | Can see all information and can configure settings |
RapidIdentity Portal Dashboard Viewer (Executive) | Can view the Executive delegation only |
RapidIdentity Portal Dashboard Viewer (Summary & Details) | Can view the Executive tab Summary and Details delegations only |
RapidIdentity Portal Dashboard Viewer (Summary only) | Can view the Executive Summary delegation only |
RapidIdentity Portal Profiles Helpdesk | Enables “Other Accounts” tab in Profiles Module. Allows all actions on all accounts. |
RapidIdentity Portal Profiles Admin | Enables “Extended” tab in Profiles Module configuration. |
RapidIdentity Portal Reporting Admin | Can see all information, create and run reports, along with the ability to export, import, and modify reports. |
RapidIdentity Portal Reporting Viewer | Can only view Reporting module reports |
RapidIdentity Portal Role Manager | Enables “My Roles” tab. Allows for management of roles in which they are an owner or membership manager. |
RapidIdentity Portal Roles Helpdesk | Enables “Other Roles” which allows management of any group. |
RapidIdentity Portal Roles Admin | Enables “My Roles” tab. Allows for management of roles in which they are an owner or membership manager. |
RapidIdentity Portal Roles Helpdesk | Enables “Other Roles” which allows management of any group. |
RapidIdentity Portal Roles Admin | Enables “Extended” tab in Roles Module configuration. |
RapidIdentity Portal Sponsorship Helpdesk | Enables “Other Sponsorships” tab in Sponsorship module. Allows all actions on all sponsored accounts. |
RapidIdentity Portal Sponsorship Sponsor | Enables “My Sponsorships” tab in Sponsorship module. Allows creation and all actions on authenticated user's sponsored accounts. |
RapidIdentity Portal Sponsorship Admin | Enables “Extended” tab in Sponsorship module configuration. |
RapidIdentity Portal Workflow Help Desk | Enables “Other” tabs within “Dashboard”, “Requests”, “Approvals”, and “Re-attestations”. Allows all actions on all workflow requests. |
RapidIdentity Portal Workflow Admin | Enables “Extended” tab in Workflow module configuration. |
System Admin | Enables access to the Configuration module and provides Help Desk role for RapidIdentity Portal. |
Tenant Admin | System role that enables configuration of an IDaaS instance |
API Developer | Able to use the new Common Authentication API |