# Managing Roles

The roles of a user can be managed by a SuperAdmin from the Roles section of the left menu. The Roles dashboard will display the available OwnIdP administrator roles on the left and the roles for the selected federation on the right.

Here, you can:

  • create a role using the Add button,
  • updated a role using the pencil icon ,
  • delete a role using the trashcan icon .

# Authorisation matrix

Below is the authorisation matrix of the standard OwnIdP roles.

Authorisation matrix

The CRUD acronym in the below table has the following meaning:

  • C = Create
  • R = Read
  • U = Update
  • D = Delete
Rights SuperAdmin Functional Manager Admin UserAdmin
Manage Settings RU - - -
Manage user roles and organisation types CRUD - - -
Manage own organisation CRU CRU R -
Manage other (main-level) organisations CRUD CRU - -
Manage own sub-organisation(s) CRUD CRU CRUD -
Manage sub-organisations of other organisations CRUD CRU - -
Manage users of own organisation(s) CRUD CRUD CRUD CRUD
Manage users of other organisation(s) CRUD CRUD CRUD* CRUD*

*Only for own sub-organisations

Note

An admin level cannot add or remove anything that has a higher admin level then their own rights.

Last updated: 9/20/23, 12:13:17 PM UTC