Roles overview

Administrators or users with roles permission can create, edit, and delete roles for various features and operations in the Control Room.

RBAC (role-based access control) grants access to users based on the assigned roles and the access provided to the user.

Following are the benefits of creating roles:

  • Increased security by controlling user access based on their assigned roles.
  • Decreased dependency on customer support.
  • Efficient monitoring of use and access of data, which leads to better research management.

Manage roles

  • Create roles
    • Enterprise 11: System created roles

      These are the roles that are preconfigured during Control Room installation.

    • User-created roles

      These are the roles that are created by users, and can be customized accordingly.

      If a custom role or user-created role is created with all the Control Room permissions, then it is not considered as a Control Room Admin role. Only a system-created Admin role has this privilege.

  • Export or import roles and users

    the Control Room enables you to export or import custom roles and the users associated with the roles.

Tasks you can perform on roles

You can perform the following tasks on the created roles by using the actions menu (vertical ellipsis) located on the right of each role name:
View a role
Opens the View role details in read-only mode. An administrator or a user with permission to view or manage role can access the View role page.
Edit a role
Opens the Edit user role in write mode. Only an administrator or a user with permission to edit role can access the Edit role option to modify information such as feature permissions, bots, devices, users and security.
Delete a role
You can delete a redundant role. An admin user or a user with delete permission can remove the redundant roles from Control Room.
Copy a role
You can create a similar role. Only an administrator has the permission to copy a role in the Control Room. This ensures that you can create similar roles in the system without having to perform the action manually.

Search for roles

You can use the All Roles page in the Control Room to view detailed information about system and user created roles. Search for the role you want using the following options:
  • Apply a search parameter:

    For ease of access, filter roles according to role name and type.

    When you specify search parameters for the same column, the system searches using the OR operator. When you specify search parameters for different columns, the system searches using the AND operator.

  • Sort the results by column actions:
    • Click a column header to sort by ascending or descending order.

      Sort up to three columns at a time by holding the Shift key as you click two or more column headers. This way the sorting is done on the entire table and not just the data that is currently visible to you.

    • Drag the column headers to the left or right.
    • Point to the end of a column and drag it to resize.

Perform actions on selected roles

You can perform the following tasks by pointing to the icons on the top-right of the Roles table. These actions can be performed only at a table-level and not on individual items.
Create user
Enables you to create users from the Roles page.

User management overview

Refresh
Refreshes the roles table and displays the latest data.
Delete checked items
Deletes the selected roles from the table.
Customize columns
Enables you to select the columns that you want to show or hide in the table. By default, all the columns are displayed.

For Active Directory users

Map Active Directory roles
You can define a role and assign permissions to access various features of the Control Room. Only an admin or Control Room user with roles permission can assign roles to users and provide access to them for various features and operations.
Synchronize role mappings
You can synchronize the role mappings from the Active Directory role mappings page, or automate it to synchronize when the user role sync background process is triggered.
View Active Directory role mappings
An administrator or a user with permission to view and manage role can access the View Active Directory role mapping page.
Delete Active Directory role mappings
An administrator or a user with permission to view and manage role can delete role mappings.

Audit logs

All the create, update, and delete actions are tracked and stored in the Audit log page for future use.