Guides
Guides

Access Management

Suggest Edits

Overview

User access on Xyte is managed via two distinct methods:

  1. Tenant wide access
  2. Space level access

The access management feature pertain to users created in the local tenant or external users, that are given explicit access.

Tenant Wide Access

Overview

Xyte supports the concept of "Global Administrator" and "Global Viewers". This feature is determined by the user being a member of the automatically-created groups "administrators" or "Viewers" respectively.

Managed of members to both groups can be done by users already in the global "administrators" group (by default the user creating the tenant is granted membership and can add additional administrators).

See Users & Groups on how to create users and add them to global groups via the Settings tab.

Global Administrators

Users in the global "administrators" group, have full read and write access to all tenant features. This includes access to all spaces and devices, store management, connectors, integrators, settings ,etc.

Global Viewers

Users in the global "Viewers" group. These users have read only access to the following:

  • All Spaces and Devices
  • Incidents
  • Assets
  • Files
  • Contracts
  • Store
  • Products
  • Tickets

Space Level Access

Overview

Each Space in the Overview tree has its own access rights for Users and can be independently managed. The Space level access defined what the User can do in and to the Space and to all the Devices directly inside of it.

Inheritance

Any changes to the access levels of a Space, automatically propagate to all the Spaces below it. Thus giving View access to a User on a "UK" Space, will add the same permission to the User to all the child and grandchild Spaces, such as "London", etc.

Levels

Space level access can be of three different levels:

  • Admin - Full access to the Space. Can change Space's properties and settings, create sub-spaces, move the Space. Claim, manage, delete Devices in the Space and move Devices from the Space and to it.
  • Edit - View and control Devices and Assets within the Space
    • Claim / delete devices.
    • Send commands, configure devices.
    • Create / update / close Incidents.
    • Add / modify / delete Assets
  • View - View Devices within a Space. No ability to send commands, configuration or any other changes.

Access Level Computation

A User might be granted different access levels to the same space, if that User belongs to (one or more) Groups that have access to the Space.

To calculate the actual access rights, Xyte picks the highest access level granted to the user directly or indirectly via Groups.

Access Management

Access control is done via Overview -> Space -> Manage Access menu.

See Space Access Management

Updated 3 days ago