Authorized Admin Hierarchy#
Overview#
VOSS Automate allows a single user account to be configured as both an End User (with services) and as an Administrator, and supports the following:
A single set of credentials for administration and end user access
Simplified external authentication (LDAP and SSO)
Support for concurrent use of both Admin and Self-service portals in same browser
An Authorized Admin Hierarchy instance contains a role. This instance can then be assigned to a user so that if the user is then also assigned a self-service role, the user is then an end user with admin access: a user with multiple user roles - both a self-service role and this role from the Authorized Admin Hierarchy instance. See: User Roles.
Important
When an Authorized Admin Hierarchy is set for a user, the hierarchy
of that instance (the model data/AuthorizedAdminHierarchy
instance) as well as its
descendants will be visible as authorized hierarchies for administration purposes.
Users with multiple user roles then have a User Type of “End User + Admin”. See: Add Admin Users.
Upon user login, the VOSS Automate system then assigns the appropriate role to the user in accordance with the requested portal:
Portal |
Role |
---|---|
Automate Self-service |
selfservice |
Automate Classic Admin |
administration |
Automate Admin |
administration |
Note
A user with multiple roles can also access both self-service and admin portals during one login session, but a logout on any portal would end the login session on both portals.
For multi-role admin user SSO login options, see: SSO Scenarios for Multi User Roles under SSO SP Settings.
When multi-role users perform administrative actions, they can manage their own services such as adding new Phones and Lines. However, the administrators would not be able to make modifications that altered their own role-based access configuration, such as change of role and associated Authorized Admin Hierarchy.
Manage Authorized Admin Hierarchy#
Configuring Authorized Admin Hierarchy involves these high-level tasks:
Create an instance of Authorized Admin Hierarchy at the relevant hierarchy level.
Provision the end user as usual.
Associate the end user with an Authorized Admin Hierarchy instance.
To create an instance of an Authorized Admin Hierarchy:
Log in as Customer or Provider administrator and choose Role Management > Authorized Admin Hierarchy.
To add or modify an Authorized Admin Hierarchy instance, either add or modify the instance Name and select the Role.
Available roles will also include those roles containing the current hierarchy where the created Authorized Admin Hierarchy instance resides, in their Hierarchies Allowed list - see: Add and Edit Roles.
Click Save
Related Topics
For API details, see the
API Request Headers.REQUEST-PORTAL
API request header in: