Roles and Permissions

Roles are used to authenticate both users and applications with Device Cloud.

Access to the features of Device Cloud is controlled by the following:

  • the role assigned to a user account on to the Management Portal or authenticated with Device Cloud

  • the role assigned to a developer on the Management Portal or authenticated with Device Cloud

  • the role assigned to an application for a software application that connects to Device Cloud

Each organization defines the roles that it uses to define the permissions in the organization. The permissions within a role are organized by the services and commands available in Device Cloud. For more information about the services and commands, see the Device Cloud Service API Reference.

Additionally, roles can be defined to restrict access to a set of things based on the definition of the View tags and Update tags fields.

Device Cloud provides an Org Admin (organization administrator) role that has all permissions selected.

To perform the roles and permissions tasks, select Tools > Administration and then click Roles. The currently defined roles appear, which may include a default view only role.

From the Roles page, you can view, edit, clone, and delete a role.

Cloning (copying) a role starts with the permissions of an existing role, allows modifications to the permissions and fields, and then saves the cloned role as a new role.

Assigning Roles to Users and Applications

The roles defined for an organization can be assigned to any user account that is a member of the organization and any application that is defined in the organization.

  • For information on assigning roles to a user account, see Adding a User.

  • For information on assigning roles to an application, see Applications.