Managing Administration Permissions

When configuring App Portal, you will need to specify which users and groups can view and modify settings on the various App Portal views on the Admin tab. This secures the App Portal site settings to the listed groups and users. You configure administrative security on the Admin Security View, which is opened by selecting Admin Security under Site Management on the Admin tab.

Admin Security View

On each of the tabs of the Admin Security View, you can view and edit the security settings (Read, Write, Delete) for existing users and groups for that particular role.

However, you assign initial permissions to a user or group for all roles on the pop-up dialog box that opens when you click Add User/Group on the Admin Security View.

Admin Security Pop-Up Dialog Box

Note:Permissions are the “most restrictive model”. For example, if a user is in two groups where one is granted Read permission and the other granted Write permission, the permissions will be Read; they are not cumulative.

Adding a User or Group to Admin Roles

To add a user or group to Admin roles, perform the following steps:

To add a user or group to Admin roles:

1. On the Admin tab, open the Site Management > Admin Security view.
2. Click the Add User/Group button. The following dialog box opens:

3. Use the search fields to locate the user or group that you want to add.
4. Select the appropriate permissions from the Assign rights fields for each listed role. Under Assign rights, the following roles are listed:

Role

Permission

Site Management

Can view, create / modify, or delete configuration items under the following subnodes of Site Management:

Site Management > Admin Security
Site Management > Catalog Security
Site Management > Settings (all subnodes except Active Directory)
Site Management > Imported Users and Computers
Site Management > Logs
Site Management > ITSM & Cloud Integration
Site Management > Categories
Site Management > Commands and Actions

Active Directory

Can view, create / modify, or delete configuration items under the following nodes:

Site Management > Settings > Active Directory
Site Management > Active Directory

Catalog Management

Can view, create / modify, or delete items under the following nodes:

Catalog Management > Create New Catalog Item
Catalog Management > Current Catalog Items
Catalog Management > Catalog
Catalog Management > Catalog Categories
Catalog Management > Expressions
Catalog Management > Workflows
Catalog Management > Workflow Status

Approval Groups

Can view, create / modify, or delete items under the following nodes:

Catalog Management > Approval Groups

Question Management

Can view, create / modify, or delete items under the following nodes:

Catalog Management > Questions

Compliance Management

Can view, create / modify, or delete items under the following nodes:

Compliance Management

Deployment Management

Can view, create / modify, or delete items under the following nodes:

Deployment Management

Report Management

Can view, create / modify, or delete items under the following nodes:

Report Management

Site Communication

Can view, create / modify, or delete items under the following nodes:

Site Management > Communication

REST API

Enables access to all REST API endpoints.
5. Click Assign Rights to add the user or group. The selected user or group will now have access to the specified roles.

App Portal / App Broker 2020 R1 Evaluation Guide

August 2020

CommunityFlexera.comCopyright