User Roles
- Thorsten Boedeker
Essential Roles
The platform comes with a set of essential roles to cover the basic needs. These essential user roles are dependent on the tenant role (the role of the company on the platform - e.g. Machine Operator, Service Provider or App Developer).
Basic Roles
Each tenant has a basic set of permissions and a Tenant Admin has essential roles allowing to manage the own tenants on the platform.
Tenant admin
The focus of the Tenant Admin is to administrate his company accounts. He has no permissions for operational work.
This role needs to be assigned to at least one tenant user - the first user that is invited to create a new tenant is always a Tenant Admin.
Main permissions are User Invitation & Management and Role Assignment.
User & Access Management
- Invite and delete users of the own tenant
- Assign roles & scope to users
Tenant Configuration
- Manage Company information
- Manage appearance of the platform for all users of the tenant
Tenant admins are NOT able to delete their own account or unassign the admin role from their own account. The purpose is to prevent tenants from being unable to work without an administrator.
Data Analyst - Controller
The idea of the "Data Analyst - Controller" is to have a role that is dedicated for reporting via API. The role has no permissions in the frontend nor any update, manager or delete permission. On the other side "Data Analysts" are able to read all relevant objects. This includes features of the Basic, Service Provider and Operator tenant role.
User & Access Management
- Read users of own tenant
- Read assigned user roles
Service Case Management
- Read Service Cases
Digital Shop Floor
- Read Assets
- Read Facilities
Customer Management
- Read Customers
- Read Customer Machines
- Read Service Organisations
- Read Machine Models
- Read Service Licenses
Edge devices
- Read Edge Devices
- Read Tunnel Configs and Tunnel Config Templates
Operator Roles
Operating companies are usually invited by their Service Provider. Besides the basic tenant role Tenant Admin, these tenants come with the essential roles Workshop Manager and Machine Operator.
| White: No Access | Yellow: Limited Access | Green: Full access |
| Feature | Machine Operator | Workshop Manager | (optional) Operator - internal Service Cases | (optional) Maintenance Engineer |
|---|---|---|---|---|
| Short Description | The Machine Operator is operating his daily business at the machine on the production site. If a problem with his machine occurs, he wants to get immediate support by his Service Provider. | The focus of the Workshop Manager is to administrate the digital shopfloor in an Operating Company. Moreover, he has all necessary permissions to use the Service Case Management. | The Operator - internal Service Cases is an alternative to the Machine Operator. The only difference is that he cannot create shared Service Cases, but is enabled to create Internal Service Cases | The Maintenance Engineer role enables users to provide Internal Service within the Operator organization as well as request Service from external Service Providers. |
| (optional) Internal Service Cases | Create | Create/Manage | ||
| Service Case Management | Manage | Manage | Read | Manage |
| Digital Shopfloor | Read | Manage | Read | Read |
| Documents & Media | Read | Manage | Read | Read |
| Applications | Manage | Read | ||
| Edge Devices | Manage |
Feature Descriptions
Internal Service Cases
- Create/Manage Internal Service Cases
Service Case Management
Read/Manage Shared Service Cases
Read Internal Service Cases
- Use Conferencing in all Service Cases
- (De-)Activate Remote Access for all Service Cases
- Manage: Use Remote Access Connections for all Service Cases
Digital Shopfloor
- Read/Manage Facilities
Read/Manage Assets
Accept asset proposals and assign assets to Facilities
Documents & Media
Read/Manage Documents for your Assets
Applications
Install/Update/Uninstall apps for your connected assets
Edge Devices
- Read/Manage Edge Devices
Service Provider Roles
White: No Access | Yellow: Limited Access | Green: Full access |
| Feature | 1st Level support | Service Technician | Master Data Manager | Customer Data Manager | Service Manager (deprecated) |
|---|---|---|---|---|---|
| Short Description | The main focus of 1st Level Support is working in Service Case Management. This role is able to view the most objects but not to manage them. The idea of this role is to be the first touch point in case of service or if questions arise. | Service Technician is supposed to fit for 2nd level or last level support as well as field service. He has all permission of the 1st Level Support and additionally all possibilities for Remote Access and managing Edge Devices. | The Master Data Manager manages the Machine Models and the templates and compatibilities on Machine Model level. | The Customer Data Manager is focusing on Customer Management and is permitted to do every task in this section such as creating Service Organisations, Customers and Customer Machines and invite Customers to the platform. | The Service Manager had all permissions that were available for the operational work on Service Provider side in the past. This role is deprecated and will be removed soon. Please use the roles on the left.. |
| Service Case Management | Manage | Manage | Read | ||
| Remote Access / File Transfer | Manage | ||||
Customer Management | Read | Read | Manage | ||
| Machine Models incl. templates (e.g. for Remote Access or Data Services) | Read | Read | Manage | Read | |
| Documents & Media | Manage | Manage | Manage | Manage | |
| Edge Devices | Read | Manage | Read | Manage | |
| Applications | Read | Read and Assign to Machine Models | |||
| Machine Licenses | Read and Download |
Feature Descriptions
Service Case Management
- Read/Manage Service Cases from Customers
- Read permission includes the use of Conferencing features in the context of a Service Case
Use Remote Access / File Transfer
Configure & start Remote Access sessions
Configure & use File Transfer
Customer Management
- Read/Manage Service Organisations
- Read/Manage Customers
- Read/Manage Customer Machines
- Read/Manage Service Contracts
- Link Customer Machines with Edge Devices
Machine Models incl. templates (e.g. for Remote Access or Data Services)
- Read/Manage Machine Models
- Manage templates for Remote Access on Machine Model level
- Manage templates for OPC-UA configuration
- Manage application compatibility on Machine Model level
Documents & Media
- Read/Manage Documents for Machine Models
Machine Licenses
- Read and Download License information
Edge Devices
- Read/Manage Edge Devices
Applications
- Read Application information
- Make Applications available for installation on Machine Model level
Individual Roles
After Onboarding, it is possible to create individual roles for a specific tenant to adapt the internal service processes. Please contact our Sales representatives for further information.