zitadel/site/docs/administrate/09-authorizations.en.md
mffap ea2aa27f15
docs: improvement to semantics (#944)
* rename to overview

* wip

* wip

* wip

* wip

* wip

* wip

* examples

* ts example

* wip with grafana

* add grafana tutorial

* screenshots and grafana

* figure out oauth proxy

* authz oauth proxy

* move img

* merge from master

* reviewed documentation

* reviewed documentation

* wip

* wip

* wip

* wip

* wip

* wip

* examples

* ts example

* wip with grafana

* screenshots and grafana

* figure out oauth proxy

* authz oauth proxy

* move img

* merge from master

* cleaned up name for management roles

* corrected small typo in code

* Intro for orgs, spelling, ref to mgmt roles

* removed inline comments

* Update 00-quick-start.en.md

* Update 02-organisations.en.md

* Update site/docs/administrate/03-projects.en.md

Co-authored-by: Florian Forster <florian@caos.ch>

* Update 03-projects.en.md

* Update 04-clients.en.md

* Update site/docs/administrate/07-policies.en.md

Co-authored-by: Florian Forster <florian@caos.ch>

* Update 09-authorizations.en.md

Co-authored-by: Florian Forster <florian@caos.ch>
2020-12-01 16:56:33 +01:00

877 B

title
Authorizations

ZITADEL's management Roles

ZITADEL's own role model is built around the IAM resource. The roles have some hierarchies to them. For example a IAM_OWNER can view and edit every resource of the system. ORG_OWNERS can only manage their resources included within their organisation. This includes projects, clients, users, and so on.

How to give a user ZITADEL Roles

With ZITADEL Console

Screenshots

System Roles

IAM_OWNER

IAM_OWNER_VIEWER

Organisation Roles

ORG_OWNER

ORG_OWNER_VIEWER

ORG_USER_PERMISSION_EDITOR

ORG_PROJECT_PERMISSION_EDITOR

ORG_PROJECT_CREATOR

Owned Project Roles

PROJECT_OWNER

PROJECT_OWNER_VIEWER

PROJECT_OWNER_GLOBAL

PROJECT_OWNER_VIEWER_GLOBAL

Granted Project Roles

PROJECT_GRANT_OWNER

PROJECT_GRANT_OWNER_VIEWER

Project Roles Management

Explain Project Authorization