Skip to main content
Skip table of contents

User Management Roles

Eleveo.admin is the default user of the User Management application. The user is assigned the User Management/user-management-admin composite role, which consists of several effective roles, enabling the user to perform administrative tasks.

All default User Management roles are grouped under the User Management application.

The table below lists all default effective roles and their assignment to the composite role.

Name of an effective roleAction allowedDependencies on other rolesAssignment to user-management-admin
(composite role)
Application
manage-custom-rolesAllows the user to manage (create/edit/remove) custom roles. It doesn't work without the view-custom-roles role.view-custom-rolesxUser Management

















manage-groupsAllows the user to modify group settings. It doesn't work without the manage-users role.manage-usersx
manage-identity-providersAllows the user to access the Identity Providers menu item and the Identity Providers screen, as well as display all providers.
x
manage-federationsAllows the user to see the User Federation menu item and the Add user federation provider screen, as well as to add and modify the user federation provider's settings.
x
manage-licencesAllows the user to access the License Management menu item where the user can upload/edit or see an overview of license usage.
x
manage-settingsAllows the user to access the Realm Settings menu item where the user can edit a default time zone setting.
x
manage-provider-clientsAllows the user to see the Create button on the Provider Clients screen. It doesn't work without the view-provider-clients role.view-provider-clientsx
manage-usersAllows the user to add a user or to modify user settings (including changing a password and assigning roles). It doesn't work without the view-users role.view-usersx
manage-eventsAllows the user to display logs (realm events) and their settings.
x
query-realmsAllows the user to display information about the realm.
x
query-groupsAllows the user to display the existing groups on the Groups screen.view-users (included)x
query-usersAllows the user to display the existing user accounts on the Users screen.view-users (included)x
query-clientsAllows the user to display the existing clients on the Provider Clients screen.view-clients (included)x
view-authorizationAllows the user to display the My Account section.
x
view-clients

Allows the user to add a new provider client (use the Create button on the Provider Clients screen). It doesn't work without the view-provider-clients and manage-provider-clients roles.

Includes also the query-clients role.

view-provider-clients, manage-provider-clientsx
view-custom-rolesAllows the user to see the Manage Roles menu item and the Roles screen, as well as to display all existing custom roles.
x
view-identity-providersAllows the user to add or edit an identity provider. It doesn't work without the manage-identity-providers role.manage-identity-providersx
view-provider-clientsAllows the user to see the Provider Clients menu item and the Provider Clients screen, as well as display all existing clients.
x
view-realmAllows the user to see the Sessions menu item and the Sessions screen, as well as to display active clients and their settings.
x
view-users

Allows the user to see the Users and the Groups menu items and the Users screen and the Groups screens. Allows seeing the settings of a user, except the Credentials tab and assigned roles.

Includes also the query-groups and query-users roles.


x
delete-usersAllows the user to delete the existing user accounts.

manage-password-policiesAllows the user to see the Authentication menu item and the Authentication screen, as well as add, edit or remove password policies.
x

Note that the delete-users role is not assigned by default to the eleveo.admin user. We recommend that users be disabled, not deleted. Deleting users may cause database inconsistencies and the loss of historical data associated with them.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.