What are roles?
Each employee in a company is ultimately a member of a department and / or part of a particular function level. These departments or groups are mapped within Password Safe using the role concept. The authorizations can therefore be configured and inherited in a role-based manner. The “Roles” module should only be made available to administrators. Accordingly, it is recommended to limit the visibility of the role management. It is also possible to delegate the management of departments or separate areas completely to third parties via the role concept. The authorization concept ensures that users are only granted access to those roles to which they are entitled.
The following options are required.
- Can add new roles
- Display role module
Roles in focus
The configuration of roles is the basis for the authorization concept. Of course, the permissions for data could also be set at a user level. However, the use of roles can dramatically reduce the administrative burden, and it helps to keep an overview. In addition to the authorizations for data, user rights are also mapped in the best case via roles.
As you can see, roles are the central objects within Password Safe. They form the indispensable bridge between users and authorizations of any kind.
Creating and granting permissions for new roles
If you are in the “roles” module, the process for creating new roles is the same as for . Roles can be created via the ribbon and also via the context menu that is accessed using the right mouse button.
Just like with the , you should also familiarize yourself with the intended role concepts in advance. The mapping of the structures present in a company is the starting point for the success of Password Safe. You should design the roles in Password Safe only once a detailed design has been drawn up, and all the requirements of all project participants have been met.
Why are there no groups?
Password Safe enforces the avoidance of unnecessary structures through the role concept. A group-in-group nesting is not supported – and is not necessary at all. The resultant increase in performance as well as increased overview promotes efficiency and effectiveness. The elegant interplay of organisational structures, roles, and granular filter options can cover all customer-specific scenarios.
Overview of members for a role
As well as being able to view the members in the permissions dialogue, a list of all members for a role is already made available in the . All of the other users with permissions but without membership of the role are not taken into account.