Understand roles and how they function in your Inkit environment and use them to set user and system authority
In this topic, you’ll learn about roles. They are an integral part of the management & security layer of your environment. Through roles, you’ll determine permissions and grant authority to both systems and users.
After reading this topic, you should feel comfortable with what roles are, and you may wish to start thinking about how to utilize them in your organization’s environment.
- You know about users and API keys
- You have identified your API key needs
Read more about:
What are roles?
In short, roles let you decide what a user or system (API key) does. With them, you get to choose what behaviors and actions your user or system is allowed to take.
Roles have permissions, and these permissions determine environment-wide authority.
Whenever you assign a permission, the user or system which received it can act upon it throughout your entire environment.
It is therefore prudent to identify your role needs before you assign them.
We highly recommend you to read the following topics
- Identifying API key needs (system-level authority)
- Identifying permissions needs (general, environment-wide authority)
Note: We recommend you create a role per system and create authority layers for the roles you assign to users. To make things easy for yourself, create an overview of the different authority layers you wish to have. Read the identifying role & permission needs topic for more information.
How do roles work?
You can assign a role to a user or a system. However, for your roles to have merit, you must assign meaningful permissions to them.
When you create a role, you will have the option to allocate such permissions.
Of course, you can always change role permissions, and you can even delete them, but you must be aware of the technical repercussions that may occur – especially when editing roles of active systems.
Why use roles?
First and foremost, roles let you set boundaries in your environment.
If you haven’t created any roles in your environment, you would have to assign the admin role as a default for all of your users.
Because you probably do not want everyone to do as they please, you should use roles. Unsurprisingly, that’s precisely why most organizations prefer to have a hierarchy of authority.
Instead of haphazardly giving every person or system in your environment authority, you should grant what is necessary and most appropriate.
For example, you can choose which system or person can:
- Create folders
- Retrieve PDFs
- Change API key permissions
- Update billing information
- Delete webhooks
- And much more.
If you would like to have an overview of all permissions, then please refer to the following topic:
Updated over 1 year ago