Permissions
Introduction
Relution allows permissions to be configured very precisely and in a fine-grained manner. This ensures that for each use case, a specific permission set can be created without giving users more functionality than necessary.
Permissions also allow multi-factor authentication (MFA) to be enabled for user accounts. In addition, permissions can be globally assigned through the Store organization.
Overview of Permissions
Under Users
> Permissions
, default permission templates are already available for each organization, configured similarly to system groups.
These default permissions cannot be modified, as they are automatically generated.
However, it is always possible to create new custom permissions.
Permissions are additive, meaning that all permissions assigned to a user account are combined.
Configuring Permissions
In the Permissions
category, a new entry can be created by clicking Add.
Almost every function available in the Relution Portal can be assigned individually.
Typically, there are four options: Read, Create, Update, and Delete.
For example, a user can be given an account with read-only permissions, preventing them from making changes to the system.
Device actions can also be configured individually.
- Example: All actions are allowed except for device location tracking.
- Another use case: A user may only be allowed to update DEP and VPP tokens in settings but not make any other changes.
Linking Permissions to User Accounts
To assign a permission to a user account, open the user account and link the relevant permission at the bottom of the form.