Skip to main content
Skip table of contents

User Management Roles

Eleveo.admin is a default user of the User Management application. The user is assigned a User Management\user-management-admin composite role, which consists of several effective roles, enabling the user to perform administrative tasks. However, this role can be also assigned to any other WFM user, who needs to perform tasks related to managing users.

The below table lists all default effective roles and their assignment to the composite role:

Name of an effective role

Description

Dependencies on other roles

Assignment to user-management-admin
(composite role)

Application

manage-custom-roles

Allows the user to manage (create/edit/remove) custom roles. It doesn't work without the view-custom-roles role.

view-custom-roles

x

User Management

















manage-groups

Allows the user to modify group settings. It doesn't work without the manage-users role.

manage-users

x

manage-identity-providers

Allows the user to see the Identity Providers menu item and the Identity Providers screen, as well as display all providers.


x

manage-federations

Allows the user to see the User Federation menu item and the Add user federation provider screen, as well as to add and modify the LDAP user federation provider's settings.


x

manage-licences

Allows the user to display of License Management menu item where the user can upload/edit or see an overview of license usage.


x

manage-settings

Allows the user to display the Realm Settings menu item where the user can edit a default time zone setting.


x

manage-provider-clients

Allows the user to see the Create button on the Provider Clients screen. It doesn't work without the view-provider-clients role.

view-provider-clients

x

manage-users

Allows the user to add a user or to modify user settings (including changing a password and assigning roles). It doesn't work without the view-users role.

view-users

x

manage-events

Allows the user to display logs (realm events) and their settings.


x

query-realms

Allows the user to display information about the realm.


x

query-groups

Allows the user to display the existing groups on the Groups screen.

view-users (included)

x

query-users

Allows the user to display the existing user accounts on the Users screen.

view-users (included)

x

query-clients

Allows the user to display the existing clients on the Provider Clients screen.

view-clients (included)

x

view-authorization

Allows the user to display the My Account section.


x

view-clients

Allows the user to add a new provider client (use the Create button on the Provider Clients screen). It doesn't work without the view-provider-clients and manage-provider-clients roles.

Includes also the query-clients role.

view-provider-clients, manage-provider-clients

x

view-custom-roles

Allows the user to see the Manage Roles menu item and the Roles screen, as well as to display all existing custom roles.


x

view-identity-providers

Allows the user to add or edit an identity provider. It doesn't work without the manage-identity-providers role.

manage-identity-providers

x

view-provider-clients

Allows the user to see the Provider Clients menu item and the Provider Clients screen, as well as display all existing clients.


x

view-realm

Allows the user to see the Sessions menu item and the Sessions screen, as well as to display active clients and their settings.


x

view-users

Allows the user to see the Users and the Groups menu items and the Users screen and the Groups screens. Allows seeing the settings of a user, except the Credentials tab and assigned roles.

Includes also the query-groups and query-users roles.


x

delete-users

Allows the user to delete the existing user accounts.



manage-password-policies

Allows the user to see the Authentication menu item and the Authentication screen, as well as add, edit or remove password policies.


x

Note that the delete-users role is not assigned by default to the eleveo.admin user. We recommend that users be disabled, not deleted. Deleting users may cause database inconsistencies and the loss of historical data associated with them.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.