Detailed Permissions
The following tables describe the permissions available to apply to both roles and groups.
Authoring
| Permission | Read/Write | Control |
|---|---|---|
| Deployments | Read | Read deployment-related statuses and data. |
| Deployments | Write | Write deployment-related data, including the ability to deploy and terminate deployments. |
| Models | Read | Read authoring data models (projects, event patterns, event types, etc.). |
| Models | Write | Write authoring data models (projects, event patterns, event types, etc.). |
| Schema Discovery | Read | Use Schema Discovery to search topics and view schemas. |
Data Management
| Permission | Read/Write | Control |
|---|---|---|
| Connectors | Read | User is able to view connector configurations and status. |
| Connectors | Write | User is able to create, run, and stop connectors. |
| Upload Files | Read | User is able to see file upload status and records in the Activity Monitor page of the Data Importer. |
| Upload Files | Write | User is able to upload files via Data Importer. |
Workstation
| Permission | Read/Write | Control |
|---|---|---|
| Collections Export | Read | User can export CSV data and reports from a collection. |
| Data Delete | Write | User is able to perform administrative deletion of Workstation data. |
| Custom Field Templates | Write | User is able to view and edit Custom Field Templates in Workstation Designer. |
| Export Builder | Write | User can access/update the export builder tool to create, manage, or delete limited custom mappings from a collection into CSV format. |
| Ingest | Write | User can see and interact with the Admin screen and the “Ingestion settings” table on the Admin screen. Note: Write permission to "Ingest" is required for any user that wishes to set "Event Decorations" on Designer (which is handled via the "Templates Views" view permission). |
| Collections Attachments | Read | User can view and download attachments to a collection. |
| Collections Attachments | Write | User can upload attachments to a collection. |
| Notification Settings | Write | User can see and interact with the "Notification Settings" table on the Admin screen, but they are required to also be granted access to "Ingest", otherwise they will not see the Admin screen at all. |
| Report Builder | Write | User can access/update the report builder tool. |
| Tags | Write | User can see the Designer tab and the "Tags" mode within it. User can created, edit, or delete tags. |
| Templates Event Details | Write | User can see the Designer tab and the "Event Detail Templates" mode within it. User can create, edit, or delete Event Detail Templates. |
| Templates View | Read | User can view "View Templates". |
| Templates View | Write | User can create, update, or delete "View Templates". User can see the "Event Decorations" mode in the Designer tab if they also have "Write" access to "Ingest". |
| Views | Read | User can click into views but cannot add or delete widgets. |
| Views | Write | User can create, edit, and delete view. Within a view, they can create, edit, or delete widgets. |
Manual Actions
| Permission | Read/Write | Control |
|---|---|---|
| Manual Actions | Write | If an event has manual actions available, a user can access the manual event interface to perform a specific action on the event. |
User Management
Permissions
| Permission | Read/Write | Control |
|---|---|---|
| Groups | Write | User can view, edit, and delete groups. |
| Roles | Write | User can view, edit, and delete roles. |
Users
| Permission | Read/Write | Control |
|---|---|---|
| Info | Read | User can see a list of users in the system and their names and emails. |
| Info | Write | User can change the first and last name of the user. |
| Role | Read | User can see a list of users in the system and their roles. |
| Role | Write | User can change or remove a role from a user, except their own. |
| Groups | Read | User can see a list of users in the system and the groups they belong to. |
| Groups | Write | User can change or remove groups from another user account, except their own. |
| Account Status | Write | User is able to change another user's status (except Super Admin or the user's own account) from Active to Deactivated, delete a user account, or change permissions for a role or group. Deactivating users is recommended in place of deletion, as Deactivated users cannot log into Cogynt Workstation, but the system retains their information. |
Audit Viewer
| Permission | Read/Write | Control |
|---|---|---|
| Audit | Read | User can visit the Audit Viewer application, which allows viewing historical actions. |