[Index]
Model: data/AuthorizedAdminHierarchy
Authorized Admin Hierarchy
Full HTML Help
Overview
VOSS Automate allows a single user account to be configured as both an End User (with services) and as an Administrator, and supports
the following:
- A single set of credentials for administration and end user access
- Simplified external authentication (LDAP and SSO)
- Support for concurrent use of both Admin and Self-service portals in same browser
An Authorized Admin Hierarchy instance contains
a role. This instance can then be assigned to a user
so that if the user is then also assigned a self-service
role, the user is then an end user with admin access:
a user with multiple user roles - both a self-service role
and this role from the Authorized Admin Hierarchy instance.
See: User Roles.
Important
When an Authorized Admin Hierarchy is set for a user, the hierarchy
of that instance (the model data/AuthorizedAdminHierarchy instance) as well as its
descendants will be visible as authorized hierarchies for administration purposes.
Users with multiple user roles then have a User Type of
"End User + Admin". See: Create a User.
Upon user login, the VOSS Automate system then assigns
the appropriate role to the user in accordance with the
requested portal:
| Portal |
Role |
|---|
| Automate Self-service |
selfservice |
| Automate Classic Admin |
administration |
| Automate Admin |
administration |
Note
- A user with multiple roles can also access both self-service
and admin portals during one login session, but a logout on
any portal would end the login session on both portals.
- For multi-role admin user SSO login options, see:
SSO Scenarios for Multi User Roles under
SSO SP Settings.
- When multi-role users perform administrative actions,
they can manage their own services such as adding new Phones and Lines.
However, the administrators would not be able to make modifications that
altered their own role-based access configuration, such as change of role
and associated Authorized Admin Hierarchy.
Manage Authorized Admin Hierarchy
Configuring Authorized Admin Hierarchy involves these high-level tasks:
- Create an instance of Authorized Admin Hierarchy at the relevant hierarchy level.
- Provision the end user as usual.
- Associate the end user with an Authorized Admin Hierarchy instance.
To create an instance of an Authorized Admin Hierarchy:
- Log in as Customer or Provider administrator and
choose Role Management > Authorized Admin Hierarchy.
- To add or modify an Authorized Admin Hierarchy instance,
either add or modify the instance Name and select
the Role.
- Click Save
Related Topics
- Create a User
- Self Service: Overview
- SSO SP Settings
- For API details, see the REQUEST-PORTAL API request header in:
the API Request Headers section in the API Guide.
Authorized Admin Hierarchy
Model Details: data/AuthorizedAdminHierarchy
- An asterisk * in the title indicates the field is mandatory.
- If a field has a default value, it is shown in the Description column.
- If the field type is an array, the Field Name has a .[n] suffix, where n is the array index placeholder.
- Object and array field names are listed to provide context. If a field belongs to an object or an array,
the full field name is shown in dot separated notation.
|
Name * |
The name that is given to the Authorized Admin Hierarchy.
|
- Field Name:
AuthorizedAdminHierarchyGroup.name
- Type: String
|
|
Role * |
The administration Role that is associated with the Authorized Admin Hierarchy
|
- Field Name:
AuthorizedAdminHierarchyGroup.role
- Type: String
- Target: data/Role
- Target attr: name
- Format: uri
|