Managing users, roles, and permissions
This section describes how to manage user access to TrueSight Orchestration and its components. It covers how to create users and roles, assign users to roles, and assign TrueSight Orchestration component permissions to roles.
Before getting started, review the overview in Authentication-and-authorization.
TrueSight Orchestration uses a role-based authentication system (RBAC).
To use the RBAC system, you must perform the following tasks:
- In Remedy Single Sign-On (Remedy SSO or RSSO) create a user for each of your organization's users who will access TrueSight Orchestration.
- In Remedy SSO create roles based on your organization's needs.
Think about the main user roles in your organization. What are the tasks that users with these roles perform and what TrueSight Orchestration components and content do they need to use to perform those tasks? - Assign users to roles.
- Assign appropriate TrueSight Orchestration access permissions to the roles.
- Use Grid Manager to assign permissions associated with the grid.
- Use Repository Manager to assign permissions associated with the repository and repository content.
If a user is associated with more than one role, the user is granted the most permissive permissions.
By default, TrueSight Orchestration provides the aoadmin user and AoAdmin role. The role has full access to the repository and to the grid. AoAdmin is a hard-coded role and is not used to administer the system.
TrueSight Orchestration provides default permissions for access to grid, repository, and repository-content. You can create other permissions based on your needs.
This section includes the following pages: