Key Concepts¶
Role-Based Access Control (RBAC)¶
Application Portal controls user access to applications and assets based on organization structures, roles (with menu groups), and user groups.
Organization structures are used to manage access to applications and assets based on the organization hierarchy.
Roles are used to manage access to application menus through menu groups, and application operation permissions (access points).
User groups are used to manage access to assets based on a custom grouping of users.
Organization Unit (OU)¶
An organization unit (OU) refers to a collection of users, resources, applications, and services, and is the top-level account management unit in Application Portal.
Organization Structure¶
An organization structure is a hierarchical relationship for asset management with nodes as the management units (for example, setting the hierarchy by geographic location). After the personnel of an enterprise or organization are assigned in the organization structure, they can use the applications in the specified organizations and access the information and data of the specified assets. It is helpful for enterprises or organizations to achieve the centralized and hierarchical management of users, applications, and asset data.
Application¶
The applications registered or purchased through the EnOS Management Console can be automatically synchronized to the Application Portal. An OU administrator can enable or disable an application, assign an application to an organization node within an organization structure, manage application menu groups, or combine menus of multiple applications into a new application based on the business needs of the enterprise or organization.
Permission¶
Permissions are used in applications to give users operational capabilities in the applications. Permissions are assigned to roles, and the users of the roles will have the corresponding assess rights based on the permissions. The application’s permission is configured by the application developer via the application registration page in the EnOS Management Console.
Role¶
A role is a collection of functional permissions, including menu access permissions and operational permissions. After assigning a role to a user, the user of that role would gain access to the corresponding menus and operation permissions within the application.
User Group¶
A user group is formed by grouping the users within an organization, and users in the same user group have the same asset access permissions. You can assign asset permissions through user groups to improve management efficiency.
Asset Permission¶
The organization assets registered in the EnOS Management Console can be synchronized to the Application Portal by the asset synchronization function. The OU administrator assigns assets to the organization structure nodes and assigns asset permissions to users or user groups within the organization. Users with the appropriate permissions within the organization can view the asset information and data through the applications.
Sub-administrator¶
Sub-administrators can manage the appropriate personnel permissions, such as assigning roles and assigning asset access permissions, within a specific organization structure. An OU administrator can add a user within an organization as a sub-administrator and specify organization structure nodes and roles that the sub-administrator can manage.