User access roles


°neo allows you to define the access roles a user has throughout the platform. Access roles are a bundle of one or more permissions. For example, the role "Employee" has both the permissions "Create person" and "Update person". Through User Access Roles, you are able to define which access roles each user has.

Access roles and permissions

Access roles and permissions are configured as part of a configuration item, and are used to restrict user access within °neo. For details on how to create and manage this configuration item, see Access roles and permissions section under Configuration items.

Once a configuration item for Access roles and Permissions is applied to an environment, you can manage the roles for users.

Setting up users in your identity provider

User accounts, their access to environments and their roles on the environments are managed in your Identity Provider (IdP), for instance Azure Active Directory.

In your IdP, you must create a group with a name that follows the format: Environment.Key. Environment standard has the following allowed parameters:

  • Sandbox
  • Staging
  • Production

The key follows the naming convention as described in Access roles and permissions. For example, the group name for the access role Manager on the environment Production will be Production.Manager.

Once a group is created users can be added.