Introduction

• JS7 offers role based access management for access to the JS7 - Browser User Interface and to the JS7 - REST Web Service API.
• Any operations on objects such as starting a workflow, suspending orders, viewing logs etc. are assigned JS7 - Permissions..
• Permissions can be freely grouped to roles. A user account can be assigned any number of roles.

Scope

Permissions are assigned at the following levels:

• JOC Cockpit permissions includes any operations in the GUI or by the underlying REST Web Service.
  • The same permissions apply to a user account with any connected JOC Cockpit cluster instance.
• Controller permissions include to deploy objects such as workflows to a Controller and to remove them.
  • Permissions are handled per Controller.
  • A JOC Cockpit instance can be connected to a number of Controllers, e.g. for production use and for non-production use. User accounts can be assigned different permission sets for Controllers.
• Folder permissions include any of the above permissions within the scope of a folder hierarchy of objects such as workflows.
  • A user account can be assigned permissions to view and to manage objects on a per folder bases.
  • This allows to manage different user groups, e.g. working for different departments or mandator, to use the same JOC Cockpit instance without seeing each other's scheduling objects.