List of permissions by service

Consult the description of each permission available on the Digibee Integration Platform.

Below you will find a description of each permission in the Digibee Integration Platform, separated by service. The permissions for the system roles can be found in the Roles documentation.

API Keys

  • APIKEY:CREATE: create new API keys on the Consumers (API keys) page.

  • APIKEY:READ: view existing API keys on the Consumers (API keys) page.

  • APIKEY:UPDATE: update existing API keys on the Consumers (API keys) page.

  • APIKEY:DELETE: delete existing API keys on the Consumers (API keys) page.

  • APIKEY:CREATE:ACL: associate pipelines to existing API keys.

  • APIKEY:CREATE:APIKEY: create new keys for existing consumers on the Consumers (API keys) page.

  • APIKEY:DELETE:APIKEY: delete existing keys for existing consumers on the Consumers (API keys) page.

Account

  • ACCOUNT:CREATE: create new account on the Accounts page.

  • ACCOUNT:READ: view existing accounts on the Accounts page.

  • ACCOUNT:UPDATE: update existing accounts on the Accounts page.

  • ACCOUNT:DELETE: delete existing accounts on the Accounts page.

Alert

  • ALERT:CREATE: create new alerts on the Alerts page.

  • ALERT:READ: view existing alerts on the Alerts page.

  • ALERT:UPDATE: update existing alerts on the Alerts page

  • ALERT:DELETE: delete existing alerts on the Alerts page.

Audit

  • AUDIT:READ: view the audit records on the Audit page.

Capsule

  • CAPSULE:CREATE: create new Capsules on the Capsules page.

  • CAPSULE:READ: view existing Capsules on the Capsules page.

  • CAPSULE:UPDATE: update existing Capsules on the Capsules page.

  • CAPSULE:DELETE: delete existing Capsules on the Capsules page.

  • CAPSULE:UPDATE:PUBLISH: publish Capsules to be used on pipelines.

Capsule Collection

  • CAPSULE:CREATE:COLLECTION: create new collections on the Capsules page.

Capsule Group

  • CAPSULE:CREATE:GROUP: create new groups to organize Capsules on the Capsules page.

  • CAPSULE:DELETE:GROUP: delete existing group on the Capsules page.

  • CAPSULE:UPDATE:GROUP: update existing group on the Capsules page.

Capsule Header

  • CAPSULE:CREATE:HEADER: create new headers for Capsules.

  • CAPSULE:DELETE:HEADER: delete existing headers for Capsules.

  • CAPSULE:UPDATE:HEADER: update existing headers for Capsules.

Completed Execution

  • MESSAGE:READ: view the list of execution messages in all environments.

Consumer

  • CONSUMER:CREATE: create consumers and API keys on the realm.

  • CONSUMER:READ: view existing consumers and API keys on the realm.

  • CONSUMER:UPDATE: update existing consumers and API keys on the realm.

  • CONSUMER:DELETE: delete existing consumers and API keys on the realm.

Deployment

  • DEPLOYMENT:CREATE: deploy pipelines in all environments.

  • DEPLOYMENT:READ: view deployments in all environments.

  • DEPLOYMENT:DELETE: delete deployments in all environments.

  • DEPLOYMENT:CREATE:REDEPLOY: redeploy pipelines in the selected environment.

  • DEPLOYMENT:EXECUTE: manually re-execute the selected execution in all environments.

Export Log

  • EXPORT:READ: export the pipeline logs on the Monitor page.

Global

  • GLOBAL:CREATE: create new global variable on the Globals page.

  • GLOBAL:READ: view existing global variables on the Globals page.

  • GLOBAL:UPDATE: update existing global variables on the Globals page.

  • GLOBAL:DELETE: delete existing global variables on the Globals page.

License

  • LICENSE:READ: view the realm licenses.

Monitor Overview

  • STATS:READ: view monitoring information about the pipelines through API.

Multi-Instance

  • REPLICA:CREATE: create new multi-instance models.

  • REPLICA:READ: view the existing multi-instance models.

  • REPLICA:UPDATE: update the existing multi-instance models.

  • REPLICA:DELETE: delete the existing multi-instance models.

OAuth Provider

  • OAUTH:CREATE: create new OAuth service.

  • OAUTH:UPDATE: update existing OAuth service.

  • OAUTH:DELETE: delete existing OAuth service.

Pipeline

  • PIPELINE:CREATE: create a new pipeline on the Build page.

  • PIPELINE:READ: view existing pipelines on the Build page.

  • PIPELINE:UPDATE: update existing pipelines on the Build page.

  • PIPELINE:DELETE: delete existing pipelines on the Build page.

  • PIPELINE:READ:HISTORY: view the history of the pipeline on the Build page.

Pipeline Configuration

  • CONFIGURATION:CREATE: configure the pipeline.

  • CONFIGURATION:READ: view the pipeline configuration.

  • CONFIGURATION:UPDATE: update the pipeline configuration.

Pipeline Documentation

  • PIPELINE-DOCUMENTATION:CREATE: create pipeline or Capsule documentation.

  • PIPELINE-DOCUMENTATION:READ: view pipeline or Capsule documentation.

Pipeline Log

  • LOG:READ: view the list of logs on the Monitor page.

Pipeline Metric

  • METRICS:READ: view the metrics of deployed pipelines in all environments on the Monitor page.

Platform Permission

  • PERMISSION:READ: view the available permissions on the Roles page.

Policy Parameter

  • POLICY:UPDATE: update policies on the Policies page.

  • POLICY:READ: view the policies on the Policies page.

Project

  • PROJECT:CREATE: create new projects on the Build page.

  • PROJECT:READ: view existing projects for which you are assigned as a user on the Build page.

  • PROJECT:UPDATE: update existing projects on the Build page.

  • PROJECT:DELETE: delete existing projects on the Build page.

  • PROJECT:READ:ALL: view all existing projects, even when you aren’t an assigned user on the Build page.

  • PROJECT:UPDATE:LINK-WITH-PIPELINE: associate a pipeline to a project.

Relationship

  • RELATION:CREATE: create a new relation model on the Relationship page.

  • RELATION:READ: view existing relation models on the Relationship page.

  • RELATION:UPDATE: update existing relation models on the Relationship page.

  • RELATION:DELETE: delete an existing relation model on the Relationship page.

Running Execution

  • INFLIGHT:READ: view an execution in all environments.

  • INFLIGHT:CANCEL: cancel an execution in all environments.

SAML Group Mapping

  • SAML-GROUP-MAPPING:CREATE: create new SAML group mapping.

  • SAML-GROUP-MAPPING:READ: view existing SAML group mappings.

  • SAML-GROUP-MAPPING:UPDATE: update existing SAML group mappings.

  • SAML-GROUP-MAPPING:DELETE: delete existing SAML group mappings.

SSO Configuration

  • SSO-CONFIGURATION:CREATE: create SSO configurations.

  • SSO-CONFIGURATION:READ: view existing SSO configurations.

  • SSO-CONFIGURATION:UPDATE: update existing SSO configurations.

  • SSO-CONFIGURATION:DELETE: delete existing SSO configurations.

Test Mode

  • TEST-MODE:EXECUTE: execute pipelines in the test environment.

  • TEST-MODE:EXECUTE:CAPSULE: execute Capsules in the test environment.

User

  • USER:CREATE: create new users on the Users page.

  • USER:READ: view existing users on the Users page.

  • USER:DELETE: delete existing users on the Users page.

  • USER:UPDATE: update existing users on the Users page.

  • USER:READ:INACTIVE-PERMISSION: view the permissions of an inactive user on the Users page.

  • USER:READ:PERMISSION: view the permissions of a user on the Users page.

  • USER:UPDATE:ASSIGN-GROUP: assign one or more groups to a user on the Users page.

User Group

  • GROUP:CREATE: create new groups on the Groups page.

  • GROUP:READ: view existing groups on the Groups page.

  • GROUP:UPDATE: update existing groups on the Groups page.

  • GROUP:DELETE: delete existing groups on the Groups page.

  • GROUP:READ:PERMISSION: view the permissions of existing groups on the Groups page.

User Role

  • ROLE:CREATE: create new roles on the Roles page.

  • ROLE:READ: view existing roles on the Roles page.

  • ROLE:UPDATE: update existing roles on the Roles page.

  • ROLE:DELETE: delete existing roles on the Roles page.

ZTNA

  • ZTNA:READ: view existing ZTNA Connections.

  • ZTNA:GENERATE-KEY: generate registration key for ZTNA Connections.

digibeectl

  • USER:CREATE:GENERATE-JWT: generate authentication configuration in the Digibeectl.

  • USER:DELETE:REVOKE-JWT: revoke authentication configuration in the Digibeectl.

  • USER:READ:OPEN-AUTH-CONFIG: decrypt authentication configuration in the Digibeectl.

Last updated