Admin Roles
Learn more about how to use Role-based Access Control to setup your own roles and rights to achieve a least-privilege approach to managing your Fusion configuration.
With Admin Roles you can:

1) Pre-configured Admin Roles

To start using Admin Roles, follow these simple steps:
1) Log into the Fusion admin console using an admin account.
2) Click Configuration, and then Admin Roles from the main menu. The Admin Roles page will be displayed as shown below.
Click to Enlarge
3) You will notice that Fusion includes 3 pre-configured Roles by default. The rights of these roles is explained in the table below:
Roles Name
Role Description
Access Rights
Admin
Provides full administrative access to this instance of Strivacity Fusion
Grant All:
Read, Write, Delete
Auditor
Provides access to the Dashboard and read-only access to the Admin Console
Grant All: Read
Helpdesk
Provides the ability to manage customer accounts and groups
Consent: Read Groups: Read, Write Delete
Group Membership: Read, Write, Delete
Identities: Read
Identity Store: Read
Dashboard: Read
Users: Read, Write, Delete
User Attributes: Read
The rights for the pre-canned Admin Role (Grant All, Read, Write, Delete) cannot be modified. If you wish to create a similar or duplicate Admin Role simply create a Custom Role.
These roles can be assigned to any existing Admin users within Fusion. See Assigning Roles to Admin Accounts for instructions on how to do this.

2) Creating Custom Roles

Fusion supports the capability for Admins to create their own custom roles by constructing them using the available rights. A role will consist of many rights, where a right corresponds to a discreet administrative function within the Fusion Admin Console.
To create a custom role, follow these simple instructions:
1) Log into the Fusion admin console using an admin account.
2) Click Configuration, and then Admin Roles from the main menu. The Admin Roles page will be displayed as shown below:
Click to Enlarge
3) Click the 'Create Role' button from the top right corner. You will now be able to set the Role Name, Role Description, and choose the individual Access Rights that you would like to apply to this role.
The available Access Rights are shown below:
Click to Enlarge
4) Once you have chosen the Access Rights that you wish to add to the role, click the 'Save' button. The newly created Admin Role is available for assignment to admin accounts. See Assigning Roles to Admin Accounts to learn more about Admin Role assignments.

3) Assigning Roles to Admin Accounts

To assign any Admin Roles to Admin Users follow these simple steps:
1) Log into the Fusion admin console using an admin account.
2) Click Configuration, and then Admin Roles from the main menu. The Admin Roles page will be displayed as shown below:
Click to Enlarge
3) Select the Admin Role that you wish to assign to an Admin User. The Edit role screen will be displayed as shown below:
4) Next, click the Assignees tab, and any assigned accounts will be displayed, as shown below:
Click to Enlarge
5) Now click the 'Assign Accounts' and add any Admin Users from the available list, as shown below:
Click to Enlarge
6) You will now be asked to confirm the assignment. Click 'Assign' to finish assigning the Admin user to the Role, or cancel.
7) You will now see that Admin User has been added to the role and so they will now have the rights to perform the Helpdesk function (per his example).
Last modified 7d ago