A role includes a set of permissions. The use of roles makes it easy to give multiple users predefined sets of permissions at once. Note that assigning access to sites is not included in roles; roles only include feature permissions. A role can be assigned either at the organizational level or at the site level.
User / application roles: You can create roles for users as well as for applications. This is done in the same way.
Default / custom roles: You can make use of Priva's default roles, but you can also create custom roles via the Roles tab.
Default roles
A default role contains a set of permissions predefined by Priva. It is not possible to edit or delete a default role.
Currently, there are only two default user roles:
-
Administrator
This role includes all permissions available for your organization (depending on the subscription). -
Priva Installation Partner (only for Horticulture)
This role includes the permissions required to install and maintain horticultural systems.
It may change which permissions are available to your organization. For instance, if your organization changes the subscription or if Priva adds or removes permissions for new/old software features. The added or removed permissions will automatically be added to or removed from the relevant default role(s).
There are no default application roles yet.
Create roles
You can create custom roles via the Roles tab. In a custom role, you include a set of permissions that fits your organization. You can create roles that, for example, only contain view-only permissions or permissions to access specific applications.
When creating a role, take into account that some permissions can only be assigned at the organizational level and some permissions can be assigned site-specifically (more info in Roles and site access). Explanation of user permissions in (Building Automation) indicates for all available Building Automation permissions which can be assigned site-specifically.