Skip to main content

Roles and site access

  • Updated

Roles and site access

icon_info.png The text in this article is about roles and site access for users, but it also applies to roles and site access for applications.


The Roles and site access tab (via: menu Users > click on a user) lists the sites to which the user has been granted access and the roles the user has been assigned.

When creating a new user, you first grant the user access to sites and in the next step you grant feature permissions by assigning roles. Also for existing users, you can always change site access and assigned roles via the three dots button on this page.

 

Grant site access

First, you choose which sites to give the user access to. This can be a selection of sites or the full organization. If you choose full organization, the user will have access to all sites, including sites added to the organization in the future.

 

Assign roles

icon_info.png Before you start assigning roles, make sure you have created the roles fitting how you want them to be set up in your organization. More info
Priva strongly recommends having at least two administrators (users with the user management permission) within your organization.


After granting site access, you grant the user feature permissions by assigning roles. A role can be assigned either at the organizational level or at the site level. At the organization level, you can assign roles both via the Users tab per user and via the Roles tab per role. At the site level, you can only assign roles per user via the Users tab.

You can assign one or more roles to a user. If a user is assigned multiple roles, a sum of the permissions in the roles applies.

A role can potentially contain both site-specific and organization-wide permissions. The following example shows what permissions result when roles are assigned at both the organization level and site level.

a, d:       organization-wide permissions* (can only be assigned at the organizational level)

b, c, e:   site-specific permissions* (may be assigned at the site level)

* Indicated for all user permissions for Building Automation in Explanation of user permissions in (Building Automation).

In this example, the user has been granted access to 2 of the 3 sites of this organization. The user has been assigned 2 roles, one at the organization level and one at the site level. Both roles contain organization-wide permissions (purple) as well as site-specific permissions (blue).

  • Permissions b and e, granted through role 1, apply to all sites to which you have given the user access.
  • Permission d, granted through role 2, is a permission that cannot be granted at the site level as it is an organization-wide permission. As a result, this permission will not take effect for this user. You will be alerted when assigning a role at the site level that contains organization-wide permissions.

Although it is recommended to make use of roles, it is possible at the organizational level to grant user-specific permissions. To do this, go to the Feature permissions tab for the user (more info).

If the user’s permissions are changed, the user may need to sign in again for the changes to take effect.
Was this article helpful?
0 out of 1 found this helpful
Return to top

Related articles

General

Building Automation

Horticulture

Direct Access