Role Based Access to Scalefusion Dashboard

Scalefusion lets administrators designate roles to users. Each role carries different set of permissions which are critical for secure usage of the product. Hence, on Scalefusion Dashboard we provide role-based access control to achieve this.

This document describes all such roles and permissions provided under each role along with how they can be assigned to an administrator.

How to Access

The Roles & Permissions can be accessed from Admins and Roles section on the Dashboard. To access,

  1. Click on your account profile in the upper right corner
  2. Click on Admins and Roles. This opens the Admins and Roles page.
This page can also be reached by clicking on Admin and Roles button from Account profile page (accessed by clicking on View and Edit Profile). See screenshot below.
  1. Navigate to Roles & Permissions section

Role Types/Categories

There are two categories of roles:

  1. System Roles: Scalefusion has some pre-defined roles that come with a specific set of permissions for users, which they can assign while creating administrator(s).
  2. Custom Roles: You can also create your own custom role, assign permissions as per the requirements of defined role and assign it to administrators.

They are described as under:

Role Name

Description

Category

Sub Category

Group Admin

Has access to the devices and other features only for the device groups he/she is assigned

System Role

  • Read Only*
  • Read and Write**

Device Admin

Has access to all the devices present in the account

System Role

  • Read Only
  • Read and Write

Co-Account Manager

Has access to all features similar to owner

System Role

All Access

Custom Role

Create your own custom role, enable/disable permissions as per requirement

Custom Role

Customized

*Read Only: The features of Dashboard are available in read-only mode to the user.

**Read and Write: The users are allowed to read and also make changes over them.

Permissions

In any role there are three sets of permissions

  1. Visibility: The said feature is visible or hidden
  2. All Access: The user has all access to the feature, that is, read as well as make updates. Roles with Read and Write permissions will have All Access to features (if visible).
  3. Read Only: The feature is visible in read-only mode, that is, no changes can be done by the user. Roles with Read Permissions will have restricted view to features that is read-only (the ones which are visible).
In system roles, these permissions are pre-defined and hence cannot be modified by the administrator. While creating an admin, simply choose the role and all permissions under that role will be assigned to the admin.

Accessibility of features for pre-defined roles

To take a look at the features enabled/disabled under a pre-defined role, click on View below each system role. The icons described below will help in identifying the feature accessibility for a particular role.

  • Visibility: The feature and sub-feature that would be visible for a role is marked with a green eye icon and the one which is not, is marked with a red eye icon.
  • All Access: Marked with green tick mark if allowed, and red hyphen if not allowed
  • Read-Only: Marked with green tick mark if allowed
In general, any feature that is not visible will not have all access and read-only permission.

For example, Device Admin (Read and Write) will have access to following:

Here, Devices section is visible with all access to users whereas Android For Work Setup, Apple Setup, Windows Setup won't be visible to users.

For any Sub feature, Read/Write access is dependent on parent feature's permission.

Accessing System Roles

Device Admin

To access, click on View under Admins and Roles > Roles & Permissions > Device Admin card.

You will be able to view the features with their permission corresponding to each.

Exceptions
  1. Device Admins with Read and Write role will have access to Remote Mirror and Timezone Settings whereas for Device Admins with Read Only role, these will not be visible.

Group Admin

To access, click on View under Admins and Roles > Roles & Permissions > Group Admin card.

You will be able to view the features with their permission corresponding to each.

Exceptions
  1. Group Admins with Read and Write role will have access to Remote Mirror and Timezone Settings whereas for those with Read Only role, these will not be visible.
  2. Groups - Group Admins get a read-only access to the Device Groups and User Groups that they administer.
  3. Enrollment Configurations - Group Admins have visibility to Manage Organization Users (User Enrollment) in read-only mode, for the groups that they administer. However, Bulk Enrollment and QR code configurations won't be accessible to them.

Co-Account Manager

To access, click on View under Admins and Roles > Roles & Permissions > Co-Account manager card.

You will be able to view the features with their permission corresponding to each.

A co-account manager will have visibility and all access for all features.

Custom Role

To create a custom role:

  1. Under the Admin and Roles page, click on the Roles & Permissions tab.
  2. Click on Create New under Custom Roles.
  3. A new page will open. Fill the following details:
    Role Name: Enter a name for this role
    Creating Role: Choose one, whether you want to create role for All Devices or for Device Groups
    Permissions: There are three categories to set permissions:
    • Visibility: Toggle this button to on/off based on whether a particular feature should be visible on the dashboard.
    • All Access: This provides both read and write permissions to the admin.
    • Read Only: This provides read-only permission to the admin.
      Any feature can either be assigned with All Access or Read Only
  4. Once all the permissions are set, click on the Save Role button.
  5. The custom role created will appear on Roles & Permissions page.

Customizing a pre-defined role

If you want to customize any pre-defined role,

  1. Click on View under the system role (which has to be customized)
  2. Click on the button Make a copy
  3. This opens a page where you can provide a new role name and make changes in permissions to create one based on your requirements.

Assigning a role to admin

If you want to assign a role to an admin:

  1. Visit Administrators page and click on the three dots in front of an existing admin. Select Edit.

  1. This will open the Edit Admin User window. Here, in the Role drop-down, select a role and Submit
    All system and custom roles are listed in Role drop-down

  1. The selected role with all the permissions defined in it, will be assigned to this admin.


How did we do?


Powered by HelpDocs (opens in a new tab)