Skip to content

Site Roles Management

Site Permissions and Roles

The Site Roles Permissions page shows the permissions assigned to users or groups for accessing or managing a specific site. This interface enables granting new permissions, as well as editing or revoking existing ones. Users or groups can be sourced from local directories or any integrated user directory like LDAP, Active Directory, or Entra ID.

Permissions in sites are inherited downwards in the site hierarchy, with the ability to break inheritance to create unique permissions for the site, or to inherit permissions from the parent site.

The application supports the following site roles:

Administrator
The Administrator role has full access to view and manage settings, management functions and assets of the site.
 Auditor
The Auditor role has read only access to view settings, management configurations and assets of the site.
Service
The Service role has API access to the site. This Service role should be granted to accounts used in the configuration of remote nodes.		 Site Manager
The Site Manager role has access to view and manage sub-sites of the given site.
MFA Manager
The MFA Manager role has access to view and manage the MFA configuration of the site.		 Configuration Manager
The Configuration Manager role has access to view and manage the integration configurations of the site.
Directory Manager
The Directory Manager role has access to view and manage the local user directories of the site.		 Asset Type Manager
The Asset Type Manager role has access to view and manage the asset types of the site.
Taxonomy Manager
The Taxonomy Manager role has access to view and manage the taxonomies of the site.		 Asset Manager
The Asset Manager role has access to view and manage the assets of the site.
Permission Manager
The Permission Manager role has access to view and manage the permissions of the site.		 Task Manager
The Task Manager role has access to view and manage scripts, parsers as well as asset type (with the Asset Type Manager role) and asset task lists (with the Asset Manager role or Asset Owner permission).
Segmentation Manager
The Segmentation Manager role configures, manages and executes segmentation policies of the site.		 API Token Manager
The API Token Manager role has access to view and manage site API tokens.
Intelligent Tagging Manager
The Intelligent Tagging Manager role has access to view and manage intelligent tagging rules.		 Request Manager
The Request Manager role has access to view and manage site Workflow Forms and site Workflow Selectors. Asset Role: Asset Manager or higher is required to manage asset level form selectors.
Analytics Manager
The Analytics Manager role has access to view, manage and build AI Models as well as to use AI Models and AI Clusters to classify and analyze site assets.

View Site Roles

To view the currently configured Site Roles assigned within this Site:

  1. Log in to the Site with an Administrator, Permission Manager, or Auditor account.
  2. Navigate to Management > Site Roles.

From the list, each User or Group currently assigned a Site Role will be displayed. The table columns are:

  • User or Group: Displays the User or Group that currently has an assigned Site Role.
  • Type: Displays the type of the User or Group; User or Group.
  • Directory: Displays the directory name from where this User or Group originates. Local indicates the Local User Directory, Master indicates from the base tenant, and <custom names> indicate from the Name value of an externally configured user directory.
  • Permissions: Displays all the Site Roles assigned to this User or Group.
  • Actions: Opens the Actions dropdown menu with available options:
    • Edit: Allows the user to Edit the currently selected user's or group's assigned Site Roles.
    • Revoke: Allows the user to Revoke this user or group from Site Roles, effectively removing all their Site Role assignments.

Grant Site Roles

To grant a User or Group a Site Role within the current Site:

  1. Log in to the Site with an Administrator or Permission Manager account.
  2. Navigate to Management > Site Roles and click the Grant button.
  3. Select the User or Group to apply the Site Role to using the User or Group field at the top of this form. The User or Group may originate from the local directory or any external directory configured with this tenant.
  4. After selecting the user or group, choose the Site Role(s) to assign by clicking the enable switch to the right of the role.
  5. To complete this operation, click the Grant button.

Granting Site Roles

Revoking Site Roles

To revoke a User or Group a Site Role within the current Site:

  1. Log in to the Site with an Administrator or Permission Manager account.
  2. Navigate to Management > Site Roles, locate the User or Group that will have their Site Roles revoked, and open their Actions menu to the right side of this table.
  3. Select the Revoke option to remove their Site Roles.

Revoke Site Roles

To revoke the Site Roles of multiple Users or Groups:

  1. Log in to the Site with an Administrator or Permission Manager account.
  2. Navigate to Management > Site Roles, select all the Users or Groups that will have their Site Roles revoked by clicking the selection box to the left side of this table, and open the Mass Actions menu.
  3. Select the Mass Actions > Revoke option to remove the Site Roles from all selected Users or Groups.

Mass Revoke Site Roles

Site Role Inheritance

Permissions in Sites are inherited downwards in the site hierarchy by default, with the ability to break inheritance to create unique permissions for the site, or to re-inherit permissions from the parent site. Permission inheritance begins with the Root tenant site and inherit down to all child site, unless or until this inheritance is broken on a child Site.

Site Roles Inherited Permissions

To break Site Role inheritance making a child Site have its own unique permissions:

  1. Log in to this Site with an Administrator or Permission Manager account.
  2. Navigate to Management > Site Roles, click on the Make Unique button.
  3. After the Make Unique operation completes, the inherited permissions from the parent Site are unique but remain configured for this Site. You may now update these unique Site Roles by revoking the once inherited permissions and granting new as needed.

Site Roles Unique Permissions

Note

If you later decide that inheritance should be returned from the parent, you can use the Inherit button on this page to re-establish the parent-child Site role inheritance.

Site Roles Unique Permissions

Re-establishing inheritance will remove all unique permissions from the child Site and re-inherit those from its parent, returning this child Site to the default inheritance of its parent.