Roles & Groups
This chapter gives you an overview of the different roles and groups that the BlueRange server uses. There are two different roles for administration as our system supports multi-tenancy. There is the System Administrator and the Organization Administrator. A System Administrator can manage all users, groups and the different organizations, but is not able to perform any other actions. An Organization Administrator on the other hand can only see the user groups for their own organization.
Once an organization is created, the following groups are automatically generated.
|Do not delete these preconfigured groups as they are essential for a correct access control model.|
An administrator manages everything for his organization including updates, users and device management features. This role allows the use and configuration of all features of BlueRange.
This is the superuser role and therefore provides access to all the functionality listed below.
ORGANIZATION Appstore Manager
An appstore manager is able to upload, edit and delete software and firmware updates for BlueRange devices. This role is not able to deploy any updates as this is only possible with the Device Manager group.
A user has no further rights than to login. Normally this role is not needed, because a user should be either a device user or an appstore user.
ORGANIZATION User Manager
A user manager can manage all users and groups of an organization with the permission to create, edit & delete users and groups.
ORGANIZATION Device Manager
Being part of this group allows the user to manage all devices of the BlueRange installation with permission to enroll, delete and edit them. It also allows to create and apply configurations and notifications, as well as apply actions on devices.