Permission Management

General Structure

Users management system offers very granular access permissions through the configuration of user permissions and roles. Access permissions and roles are defined on the Tenant level and are completely managed by tenant owners.

In addition, tenant owners are able to provide access rights to companies that they manage, and company admins are able to assign limited rights (based on their permission level) to their users and manage the rights on company level.

This level of flexibility, enables the users of the platform to be able to manage and grant permissions based on their authority.


Rights

Right is the permission to access to a certain feature of functionality. Rights are essential to govern users access in the platform to allow particular action. Normally each right is associated with particular feature or group of features.

🚧

Note

Rights are only defined by Finlex product development team to control a single feature or a group of features.



Roles

Role is a group of permissions (rights) that can be assigned to a user account. Roles can be defined by tenant admins, but some roles are pre-defined in the platform for simplicity.


Basic Predefined Roles

Basic roles can be assigned to user accounts during onboarding of the user, they are grouped in the following categories:

  • Broker
  • Insurer
  • Customer
  • Site Admins

Basic roles can not be changed or updated by users.


Custom Roles

Tenant admins are also able to define custom roles based on the needs of their organisation structure and their user management policies. Custom roles can be changed or updated by tenant administrators.


Constraint on Roles

  • Role names should be unique and follow PascalCase convention and should not contain numbers or special characters.
  • Predefined roles have System as a prefix.
  • Predefined roles cannot be added or updated via the update roles API.
  • Right(s) should already exist for association and can not add/update via API.
  • Super user or super admin role such as “System:PlatformAdmin“ cannot be assigned via the API to any user. Its assigned only to the users part of the “platform“ tenant.

Role Assignment

Permission management in Finlex platform is based on rights and roles assigned to user accounts. Finlex platform has several features to which their access can be controlled. The feature permissions are grouped by category and are available to be assigned to users based on subscription.

Accounts can be tied to multiple roles. In order to grant permissions to a user account roles can be assigned.

📘

Platform Rights

Finlex GmbH as the platform owner reservers the rights to have additional platform layer rights to be able to serve Finlex clients.