A security role is a set of privileges and the level of access to various actions/functions within the platform. Security roles allow you to configure the security items, that is, the access privileges on CRUD operations for entities in the data model.
Users with elevated privileges (admin users) can control data access by setting up the organizational structure to protect sensitive data and configure various organization layers to allow communication, collaboration, or reporting.
You can grant even more granular access privileges in FintechOS, by associating security roles to digital journeys, workflows, analytics, Portal Profiles, etc. Such security roles are then associated to user accounts, hence those users will be able to access those digital journeys, workflows, analytics, or Portal Profiles. Such an example is given in Access to Portal Profiles based on Security Roles. The data is automatically filtered based on the privileges and level of access defined within the security role via the security items.
The most granular level of access privileges you can grant to users in FintechOS is the attribute level.
Default Security Roles
The following table describes the access rights level of the default security roles:
|Debugger Users||This is a development role: it is used by the implementation team to debug issues on the Portal using the Debugger in the kit.|
|Developer||This is a role assigned to users who work with configuration items (such as entities and form driven flows) in order to develop digital solutions.
Developers can create and configure Configuration Management, but they cannot lock/unlock them. They can also create Digital Solutions and import/export Digital Solutions Packages.
|Guest||This is a role inherited by the platform; it doesn’t have any special platform access meaning.|
|JobServer||This role is used by the JobServer service to execute scripts from the platform with a specific schedule (see Schedule Jobs).|
|Registered Users||Users with this security role have access rights to edit their account from My Account and to access a minimum list of entities in order to log in without errors in the application.|
|Release Manager||Users with this security role can lock/unlock Configuration Management and create Digital Solutions Packages.|
|User Management||Users with this role can manage the application users without having elevated privileges.
System users who have been granted the User Management security role cannot manage existing Administrator users.
|Integration Users||A role designed for integration with other systems. It is not an actual user, but rather a process that authenticates and calls various functions exposed inside the platform.|
|Widget||This is a role inherited by the platform; it doesn’t have any special platform access meaning.|
New security roles can be added to the list depending on your business needs. Once you configure the security roles, you can attach them to configuration items (such as form driven flows or reports) on which you wish to enforce access control.