About Users and Roles

Account management is based on users and roles. In the CloudVision Portal, users and roles have specific meaning.

Users

A user is a person who uses the CVP application and is authenticated by the system through the use of account credentials (username and password). which is maintained by CVP or external enterprise servers. Only the users with account management module credentials (Account management administrator) can create and manage users.

The account management administrator specifies the authentication credentials, name and contact information, status, and CVP permissions when creating user accounts for new users.

Account management administrators control which CVP modules users are authorized to use by assigning roles to users (the role assignments can be changed as needed at any time).

Note: Activity of CVP users is logged and can be viewed in the Audit Logs page.
Roles

A role is a set of read and write module permissions that defines user authorization to modules in CloudVision Portal. The account management administrator specifies the read and write permissions of each module when they create roles. Only account management administrators can create and manage roles.

Roles enable account management administrators to efficiently manage user permissions by assigning roles to users, and by changing the role assigned to users.

CloudVision Portal provides two default roles, one for the system administrator (network-admin) and one for a basic operator (network-operator).

Default Roles

CloudVision Portal provides two default roles. These default roles can be assigned to users as needed.

network-admin A user with the default “network-admin” role has read and write permissions for all CVP modules. In addition, this role has both device-level write permissions and database-level write permissions.
network-operator A user with the default “network-operator” role has only read permissions for all CVP modules. Users with this role cannot make changes to the CVP database.
Note: The read and write permissions cannot be changed for the default roles. But, custom roles can be created where read and write permissions can be modified.

For more information, see Managing User Accounts.