Role-Based Access in Edge DX
  • Dark
    Light
  • PDF

Role-Based Access in Edge DX

  • Dark
    Light
  • PDF

In Edge DX, a role-based access scheme is used to manage and control user access to features and settings.

Edge DX role-based access employs two types of roles:

  • Built-in preset roles
  • Customized roles

Use the built-in preset roles to allow a user a pre-defined set of permissions for particular features and settings, as explained below.

To allow a user a customized set of permissions for particular features and settings, create a new role for which you define those permissions, as explained below.

You can assign a built-in preset role or a customized role to an existing Edge DX user (see details), or to a new user that you add to your organization (see details).

Manage Role-Based Access on the Access Control Page

Manage user access to Edge DX on the Access Control page of the Edge DX user interface with the following actions:

In the Configuration section of the Edge DX user interface, click Access Control to view the Access Control page.

image.png

On the Access Control page, click the Users, Roles or SSO tabs to access those sections of the page.

image.png

Users

Click the Users tab to access the Users section of the Access Control page.

image.png

In the Users section of the Access Control page, you can:

View Edge DX Users in Your Organization

View the list of the current Edge DX Users in your organization in the displayed grid. Additional details about each User are also displayed in the grid, as described in the table below. Display options for the Users list data and available related actions are also detailed in the table below:

Users List Column Heading Details Display Options Available Actions
User Name The usernames of the Edge DX Users in your organization are listed in the User Name column. Click the arrow next to the User Name heading to sort usernames. Click the filter icon beneath the User Name column heading to filter the usernames. Click a specific User Name to edit the User settings. See below for more details.
Role The role currently assigned to the user is listed in the Role column. See Roles for more details. In the field below the Role heading, select a role from the menu to display only the users assigned to that role.
Last Login The date and time of the last login by the user is listed in the Last Login column.
SSO Only The value appearing in this field indicates whether authentication for Edge DX is permitted only through Solve. See Add an Edge DX User to your Organization for more details. Select one of the SSO Only value options from the menu in the field below the SSO Only heading to filter the list of users according to the selected value.
Delete (bin icon) Click the bin icon appearing in the last column to delete the user.

Add an Edge DX User to Your Organization

To add a new Edge DX User to your organization, perform the following steps:

  1. In Configuration > Access Control > Users, click Add User. The Add User dialog box opens.

image.png

  1. In the Add User dialog box, configure the settings for the new user as explained in the table below:
Add User Parameter Details
SSO User The SSO User checkbox is selected by default. Leave the checkbox selected if authentication is permitted only through Solve. Click the checkbox to clear this option if authentication is permitted when Edge DX is accessed directly. Provide a valid password as prompted.
User Name (UPN) Provide the UPN of the new user.
Role Select a Role to assign to the new user from the roles listed in the menu. See Roles for more details.

Delete an Edge DX User from Your Organization

To delete an Edge DX User from your organization, do the following:

In Configuration > Access Control > Users, find the the User Name of the user you want to delete. In the last column of the row where the User Name appears, click the bin icon to delete the user.

Edit Edge DX User Settings

To edit the User settings of an existing Edge DX User, perform the following steps:

  1. In Configuration > Access Control > Users, click the User Name of the user whose settings you want to edit. The Edit User dialog box opens.

RoleBasedAccess_EditUser

  1. In the Edit User dialog box, edit the user settings as explained in the table below:
Edit User Parameter Details
Authenticate With Solve SSO Use the slider toggle to activate / deactivate authentication with Solve SSO. See SSO for details. If authentication with Solve SSO is not activated, a password is required to access Edge DX. Provide and confirm a valid password as prompted.
Role Select a Role to assign to the user from the roles listed in the menu. See Roles for more details. Click Change Role to apply the change.
  1. Click Close to close the Edit User dialog box.

Roles

Click the Roles tab to access the Roles section of the Access Control page.

image.png

In the Roles section of the Access Control page, you can:

The list of the current Edge DX Roles in your organization includes the Edge DX Built-in preset roles, and any customized roles added to the organization.

The built-in preset roles in Edge DX are the following:

  • Full Control
  • Viewer
  • Minimum

These built-in preset roles allow a user a pre-defined set of permissions for particular features and settings, as explained below.

To allow a user a customized set of permissions for particular features and settings, create a new role for which you define those permissions. To create a new Role, click Create New Role. See Create a New Customized Role in Edge DX for additional details.

View Edge DX Roles in Your Organization

In the Roles section of the Access Control page, you can view the list of the current Edge DX Roles in your organization in the displayed grid. Additional details about each Role are also displayed in the grid, as described in the table below. Display options for the Roles list data and available related actions are also detailed in the table below:

Roles List Column Heading Details Display Options Available Actions
Role Name The names of the Edge DX preset roles and customized roles in your organization are listed in the Role Name column. Click the filter icon in the Role Name field beneath the Role Name column heading to build filtering conditions and apply them to the displayed Roles list. Click a specific Role Name to view or edit the Role configurations. Built-in preset roles can be viewed only, not edited. Customized roles can be viewed or edited. See Built-In Preset Roles in Edge DX for more details about preset roles, and Create a New Customized Role in Edge DX for more details about customized roles.
Users The number of users in the organization to whom the role is assigned.
Action Click the bin icon to delete a customized role. A bin icon does not appear for the built-in preset roles, since they cannot be deleted. Instead of the bin icon, the term Built-in appears.

Built-In Preset Roles in Edge DX

The built-in preset roles in Edge DX are the following:

  • Full Control
  • Viewer
  • Minimum

These built-in preset roles allow a user a pre-defined set of permissions for particular features and settings in Edge DX.

In Configuration > Access Control > Roles, click on a specific Role Name to view the built-in preset roles. The built-in preset roles can only be viewed, not edited.

Permissions in Edge DX are divided into the following four categories:

  • Device Management
  • Device Actions
  • Configuration
  • Reports

Each of the above categories includes several permissions, and some of the permissions are subcategories which include additional permissions. A particular role in Edge DX is defined by the particular set of permissions it allows.

When you click any one of the built-in preset roles on the Roles page, the View Role dialog box opens.

The following screenshot shows the View Role dialog box for the Full Control role:

image.png

The blue checked box image.png appearing next to each of the four main permissions categories indicates that all of the permissions in that category are allowed for the role. The plus sign image.png appearing next to each of the four main permissions categories can be clicked to expand the category and view the permissions and subcategories included in each main permission category. However, even without expanding the category to view what it contains, the blue checked box image.png appearing next to all of the four main permissions categories indicates that all of the permissions in Edge DX are allowed to the users assigned the Full Control role.

The Viewer role has only partial permissions in Edge DX.

The following screenshot shows the View Role dialog box for the Viewer role:

image.png

As explained above for the Full Control role, the blue checked box image.png appearing next to the Reports permission category indicates that all of the permissions in that category are allowed for the Viewer role.

The blank box image.png appearing next to the Device Management and Device Actions categories indicate that none of the permissions in those two categories are allowed for the Viewer role.

The blue box with a horizontal line across it image.png appearing next to the Configuration permission category indicates that a portion of the permissions in that category are allowed for the Viewer role. The notation (1/6) further indicates that one out of the six permissions under the Configuration category are allowed for the Viewer role. (It can then be logically inferred that five out of the six permissions under the Configuration category are not allowed for the Viewer role.)

The screenshot below shows the View Role dialog box for the Viewer role, after the plus sign image.png next to the Configuration category has been clicked to expand it. Once expanded, you can see which permissions under the Configuration category are allowed for the Viewer role.

image.png

Within the Configuration category, you can see that the allowed permission is for the Events subcategory, with its single permission, View Events allowed for the Viewer role. Another subcategory, Data, is marked with the horizontally crossed blue box image.png and the notation (5/7) indicating that five out of seven of the permissions in the Data category are allowed for the Viewer role. The plus sign image.png next to the Data category has also been clicked to expand the Data category so that it can be seen which permissions under the category are allowed for the Viewer role.

The following screenshot shows the View Role dialog box for the Minimum role:

image.png

The Minimum role has no explicit permissions in Edge DX, as the blank boxes image.png appearing next to the four main permission categories indicate.

Create a New Customized Role in Edge DX

To allow a user a customized set of permissions for particular features and settings, create a new role for which you define those permissions.

To create a new role in Edge DX, perform the following steps:

  1. In Configuration > Access Control > Roles, click Create New Role.

image.png

The Create New Role dialog box opens.

image.png

  1. Provide a Name for the new role.
  2. Select the permissions you want to be allowed for the role from the list of available permissions in Edge DX listed in the dialog box.

Permissions in Edge DX are divided into the following four categories:

  • Device Management
  • Device Actions
  • Configuration
  • Reports

Each of the above categories includes several permissions, and some of the permissions are subcategories which include additional permissions. A particular role in Edge DX is defined by the particular set of permissions it allows.

Select permissions for the new role from the list taking the following into account:

  • Click the blank checkbox image.png next to a permission you want to select.
  • Click the blank checkbox image.png next to a plus sign image.png to select all of the permissions in a category or subcategory without expanding it first.
  • Click the plus sign image.png next to a category or subcategory to expand it, view the permissions it includes, and to select some or all of them.

Edit a Customized Role in Edge DX

In Configuration > Access Control > Roles, you can view the list of the current Edge DX Roles in your organization in the displayed grid.

Click a specific Role Name to view or edit the role settings. Built-in preset roles can be viewed only, not edited. Customized roles can be viewed or edited.

To edit a role in Edge DX, perform the following steps:

  1. In Configuration > Access Control > Roles, click the customized role that you want to edit.
Note

The built-in Edge DX roles, Full Control, Viewer and Minimum, which have the term Built-in noted in the Action column of the Roles grid, can only be viewed, not edited.

image.png

The Edit Role dialog box opens.

image.png

  1. Make the changes you want to the permissions for the role. See Create a New Customized Role in Edge DX for details about selecting permissions for roles in Edge DX.

  2. Click Save Role to save the changes to the role.

Delete a Customized Role from Your Edge DX Organization

To delete a customized role from your Edge DX organization, do the following:

In Configuration > Access Control > Roles, find the the role you want to delete. In the last column of the row, click the bin icon to delete the role.

SSO

Manage Solve SSO access settings in the SSO section of the Access Control page.

Click the SSO tab to access the SSO section of the Access Control page.

image.png

The settings under the heading Solve Single Sign-On pertain to users accessing Edge DX via Solve.

You can set the slider toggles to allow or not allow Solve users to have default roles in Edge DX as shown in the screenshot above, and as explained in more detail in the table below:

User Type (Role in Solve) Role in Edge DX (see Built-in Preset Roles in Edge DX for more details)
Solve Manager Full Control
Everyone who has access to Solve, but is not a Solve Manager Viewer

Was this article helpful?