Enterprise 11: Feature permissions for a role

The role based accessibility model ensures that users have the necessary privileges to view information or data that are relevant to the roles assigned by the Control Room administrator.

Only an administrator or a user with roles permission can assign roles to other users and provide access to various features and operations.

Note: The User Management API uses numeric values for permission features when creating roles. The (ID: nn) is the corresponding numeric identifier for a feature.
The option you select for users determines the features accessible to them. You can assign the following permissions:

Features Permissions
DASHBOARDS

View dashboards

Available by default for all users.
Note: The data populates in the dashboard based on the role permissions.
ACTIVITY
  • View my In progress activity (ID: 30)

    Available by default and enables all the users to view their own activity.

  • Manage my In progress activity (ID: 51)

    Enables you to monitor and manage (pause, resume and cancel) your own In progress activities. You can also archive your finished activities.

  • View everyone's In progress activity from my folders (ID: 36)

    Enables you to monitor those In progress automations for which the run or schedule access on the respective Task Bots are available.

  • Manage everyone's In progress activity from my folders (ID: 52)

    Enables you to monitor and manage (pause, resume and cancel) other users' In progress activities. You can also archive your finished activities.

  • View All in progress activity (ID: 101)

    Enables you to see all ongoing automations irrespective of Bot folder permission.

  • View my scheduled bots (ID: 28)
    Enables you to view their bots, even if they are scheduled to run later or by others.
    • Schedule my bots to run (ID: 10)

      Can schedule a bot on which the user has 'Schedule' privileges.

    • Edit my scheduled activity (ID:5)

      Can edit the schedules that the user has created.

    • Delete my scheduled activity(ID: 11)

      Can delete the schedules that the user has created.

    • View and manage ALL scheduled activity from my Folders (ID: 53)

      Users can view, edit, and delete all bots schedules from the folders that they have access. These schedules can also be created by other users.

    • View and manage ALL scheduled activity (ID: 52)

      Can view, edit, and delete all the schedules in the system.

BOTS
  • View my bots (ID: 29)
    • Run my bots (ID: 7)

      Can run the bots from the folder on which the user has 'Run' permission.

    • Export bots (ID: 31)

      Can create a bot package to export bots and their dependencies. This requires download permission.

    • Import bots (ID: 32)

      Can import a bot package. This requires upload permission.

    • Create Folders (ID: 54)

      Can create folders in the Control Room repository.

    • Rename Folders (ID: 55)

      Can rename folders in the Control Room repository

  • Manage my credentials and lockers (ID: 59)

    Available by default for all the users.

  • Manage my lockers (ID: 26)

    Can manage the lockers that the user has created or owns.

  • Administer ALL lockers (ID: 3)

    Can view and manage all the lockers and is available only with the AAE_Locker Admin role.

  • Create standard attributes for a credential (ID: 61)

    Can create the Standard attributes for a credential in addition to the User-provided attributes.

  • View and edit ALL credential attributes value (ID: 63)

    Can view and edit all the credential attributes that the user has created or owns in the Control Room. Also, can use the Credential Vault API to edit other users' attributes.

  • Bot Auto-Login Credentials API (ID: 35)

    Can set the auto-login credentials of a Bot Creator or Bot Runner through the Bot Auto Login Credentials API. See Auto-login Credentials API overview.
MetaBot

Access to MetaBot Designer (ID: 62)

Enable Bot Creators to access MetaBot Designer to view, create and update MetaBots. This permission is available by default for the system role AAE_MetaBot Designer and it is disabled for other roles (System and User created).
DEVICES

View and manage my Bot runners, Bot creators and device pools (ID: 30)

Enables you to view, run and schedule bots on the devices or the device pools.
  • Create device pools (ID: 40)

    Can create and manage one or more device pools.

  • Administer ALL device pools (ID: 66)

    Can manage all pools in the system and is available only with the AAE_Pool Admin role.

  • View and manage (ID: 60)

    Only users with the system-created Admin role can view and manage BotFarm functionality.
WORKLOAD

View and manage my queues (ID: 58)

Enables you to view, create, and manage the queues that the user has created.
  • Create queues (ID: 41)

    Can create and manage one or more queues.

  • Administer ALL queues (ID: 45)

    Can manage all queues in the system and is available only with the AAE_Queue Admin role.

  • SLA Calculator (ID: 42)

    Can calculate the number of Bot Runner or the time-frame required to process all the work items in a queue.

BOT STORE
  • View Bot Store (ID: 97)

    Enables you to access the Bot Store tab in the navigation pane of the Control Room. Available by default for all the users.

  • Download Bot Store bots to the Control Room repository (ID: 15)

    Enables you to download bots from the Bot Store to the Control Room repository and is available only with the AAE_Bot Store Consumer role.
AUDIT LOG

View everyone's audit log actions (ID: 14)

Enables you to view your own and other users action in the audit logs.
ADMINISTRATION

View and manage settings (ID: 85)

Enables you to view and manage all the Control Room settings.
  • View users (ID: 1)

    Enables you to only view all the users in the system.

    • Create users (ID:3)

      Can create one or more users in the system.

    • Edit users (ID:4)

      Can edit one or more users in the system.

    • Delete users (ID: 2)

      Can delete other users.

  • View user basic (ID: 102)

    Can view basic information about other users.

    This permission restricts a user from viewing basic information about other users when performing the following operations:

    • Creating, viewing, and editing a device pool.
    • Creating, viewing, and editing a locker.
    • Creating and editing a role.
    • Adding queue owners, participants, and consumers.

    The system displays "No permission" in the "Modified by" column on all the pages of the ACTIVITY and BOTS tab, and the Users and Roles pages in the ADMINISTRATION tab

  • View roles (ID: 90)

    Enables you to only view roles.

  • Manage roles (ID: 12)

    Can manage (create, edit, and delete) roles in addition to viewing.

  • View and manage Migration (ID: 86)

    Enables you to view migration details and is able to create or manage an existing migration.

  • View licenses (ID: 20)
    Enables you to view the license details.
    • Manage user's device licenses (ID: 48)

      Can manage licenses for other users.

    • Install licenses (ID: 49)

      Can install licenses for other users.

API

Bot Insight

  • Data API (ID: 47)

    Enables you to use the Bot Insight data API. See Bot Insight Data API.

  • Generate API-Key (ID: 91)

    Enables you to generate an API key used for authenticating the Control Room user when making an authentication API call. The permission is not available by default and must be assigned to a user defined role separately.
IQ BOT

View IQ Bot (ID: 68)

Enables you to view all the default dashboards in the IQ Bot portal.
  • View Learning Instances (ID: 69)

    Can view all the learning instances.

  • View Domains (ID: 70)

    Can view all the domains in the IQ Bot portal.

  • View Administration (ID: 71)

    Can view the Administration tab in the IQ Bot portal.

IQ Bot user roles and permissions