Configuring Settings and Permissions
    • 20 Nov 2024
    • 2 Minutes to read
    • Dark
      Light
    • PDF

    Configuring Settings and Permissions

    • Dark
      Light
    • PDF

    Article summary

    Within the Platform , you can configure each hierarchical level and access additional ways to create and manage objects within the Workspace. 

    Accessing the Settings screens to configure the Platform

    Hierarchical Level 

    Accessing the Settings Screen

    Available Options

    Tenant settings

    Click the Settings icon (  ).

    View or modify the IDP source (options are PlainID Internal or External IDP). To modify the settings, click Edit.

    Environment settings

    Click the three vertical dots and select Settings.

    View and edit Environmental details, set Environment Permissions, and configure and manage Scopes, API Authorizers and Data Authorizers.

    Identity Workspace settings

    Click the Settings icon (  ).

    View and manage Identity Workspace settings, define Identity Attributes and configure Workspace access Permissions.

    Authorization Workspace settings

    Click the Settings icon (  ).

    View and edit Authorization Workspace details, and configure Workspace access Permissions.

    Orchestration Workspace settings

    Click the Settings icon (  ).

    View SaaS Authorization Management capabilities for policy management while working with third-party vendors. Options include discovering policies and objects and translating them to the Platform language.

    About Permissions

    The Permissions tab enables you to apply access rights to various levels of the Platform . There are two levels of access permissions: 

    Admin: gives administrative permissions to create, modify, and delete entities within that level

    Viewer: gives permission to view only.

    Information

    Permissions can only be defined when using an external IDP.

    Permission levels are managed on the Settings screens, and can be applied at the following levels:

    • Environment

    • Identity Workspace

    • Authorization Workspace

    • Orchestration Workspace

    Tenant Level Permissions

    At the Tenant Level, there is only an Admin level. Users with this level of permissions have full administrative capabilities within the Tenant, including all Environments and Workspaces. 

    Environment Level Permissions

    At the Environmental Level, there can be both Admin and Viewer users.

    • Admins have full administrative capabilities within the Environment.

    • Users with Viewer permission have access to a full view of all data-related objects managed within the Environment.

    Note: When an Environment Admin creates a new Workspace, they automatically have a claim that gives them Workspace level permissions automatically, allowing them to manage their Identity or Authorization Workspaces. If certain permissions are not required, the claim can be removed through the Permissions tab in the Authorization Workspace Settings.

    Workspace Level Permissions

    At the Workspace Level, users can be given either Admin or Viewer permissions to one or more Workspaces. At this level, Admin permissions give the user full administrative capabilities only within the specified Workspace. Similarly, Viewer permission gives the user a full view of all data-related objects managed within the specific Workspace only.

    Editing Permission Levels

    At the Environment and Workspace levels, IT Admins can modify which users get Admin Permissions (allowing them to perform any Admin operations) to the Environment and which get Viewers permissions (restricting them to view-only).

    To edit Permission levels:

    1. Access the Settings screen where you wish to modify the Permissions (Environment, Identity Workspace or Authorization Workspace).

    2. Select the Permissions tab. The Permissions screen opens.

    3. Click Edit. The fields become editable.

    4. In either (or both) of the available sections, enter the Name(s) or Group(s) for those individuals or groups that should be granted Admin Permissions and Viewer Permissions.

    5. When you finish making the changes, click Save.


    Was this article helpful?