Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

OneList uses claims-based authorization authorisation for access control. Relavant claims are grouped in a Role for easy assignment Claims are assigned to users via roles.

When a user logs on to OneList, he/she is issued a token to access other OneList functionalities. The token contains the Claims from the roles assigned to the user. OneList requires this token to contain the required claim before granting The user's claims are encoded in a token issued by OneList during the logon process. This token is passed to OneList applications for validation. The application compares the claims in the token against its claim requirement to grant or deny the user access to its functionality.

OneList administrator is administrators are responsible for assigning the roles to userusers. By default, the "OneList User" role is assigned to all users.

Built-in claims and roles


Claim Type
Value
Permission
Role Assigned 
Description
app://onelist/administratorreadRead access to OneList
configuration settings
administration functionsOneList AdminThis claim gives view access OneList
configuration settings
administration via the OneList > System Admin menu
app://onelist/administratorupdateMaintain
OneList configuration settings 
OneList administration functionsOneList AdminThis claim gives full access to
OneList configuration settings
OneList administration via the OneList > System Admin menu
app://onelist/approval
Access OneList tasks OneList UserUser can view and approve
tasks, maintain
his/her tasks. User can maintain his/her task delegations
app://onelist/integration
Access

Execute OneList DataSync APIsOneList IntegrationThis claim is for OneList adapters to integrate with OneList APIs
app://iqxbusiness.com/sysadminreadRead access to RoleManagerSys AdminThis claim gives view access to RoleManager and diagnostic logs
app://iqxbusiness.com/sysadminupdateFull access to RoleManagerSys AdminMaintain users, roles and other settings in RoleManager
app://iqxbusiness.com/comms
Maintain email templates

Sys Admin

OneList Admin

Maintain email templates