* rename to overview * wip * wip * wip * wip * wip * wip * examples * ts example * wip with grafana * add grafana tutorial * screenshots and grafana * figure out oauth proxy * authz oauth proxy * move img * merge from master * reviewed documentation * reviewed documentation * wip * wip * wip * wip * wip * wip * examples * ts example * wip with grafana * screenshots and grafana * figure out oauth proxy * authz oauth proxy * move img * merge from master * cleaned up name for management roles * corrected small typo in code * Intro for orgs, spelling, ref to mgmt roles * removed inline comments * Update 00-quick-start.en.md * Update 02-organisations.en.md * Update site/docs/administrate/03-projects.en.md Co-authored-by: Florian Forster <florian@caos.ch> * Update 03-projects.en.md * Update 04-clients.en.md * Update site/docs/administrate/07-policies.en.md Co-authored-by: Florian Forster <florian@caos.ch> * Update 09-authorizations.en.md Co-authored-by: Florian Forster <florian@caos.ch>
title |
---|
Roles |
What are Roles
ZITADEL lets projects define their own role-based access control.
Roles can be consumed by the clients that exist within a specific project.
For more information about how roles can be consumed, have a look at the protocol-specific information.
Manage Roles
Each role consists of three fields.
Field | Description | Example |
---|---|---|
Key | The role's actual name, which can be used to verify a user's roles. | User |
Display Name | A descriptive text for the purpose of the role. | User is the default role provided to each person |
Group | The group field lets you group roles that belong to the same context. | User and Admin in the group default |
Granting Roles
To give someone (or something) access to a project's resources and services, ZITADEL provides two processes: roles can be granted either to users or to organisations.
Grant Roles to Organisations
Granting roles to an organisation is intended as "delegation", so that an organisation can grant access to users on its own.
For example, a service provider could grant the roles user and manager to an organisation as soon as it purchases the service. This can be automated by using a service user in the service provider's business process.
Screenshot here
Grant Roles to Users
When roles are granted to a user, whether human or machine, that user receives the authorization to access a project's resources.
Screenshot here