Granting and revoking user roles

This article explains how to grant and revoke roles of the users as a Cloud Identity Plane (CIP) administrator.

About permissions and roles in CIP

Permissions and roles provide access control in systems where CIP is used to provide identity management. Additionally, roles allow you to set up fine-grained access control by applying a specific object constraint (for example, permissions can be limited to a specific device, user, or organization).

Prerequisites

  • Administrator account in CIP

Grant a role to a user

  1. Select Users from the sidebar.

    Result

    The USERS view opens and shows the list of your users.

  2. In the USERS view, select a user from the users list.

  3. In the USER DETAILS view, select the meatballs menu () > Grant role.

    Result

    The GRANT ROLE pop-up window opens.

  4. In the GRANT ROLE pop-up window, select a role from the drop-down list.

  5. Select Grant role to confirm your choice.

    Result

    The role is granted to the user as indicated by the system message.

Revoke a role from a user

The procedure for revoking a role from a user is essentially the same as for granting one - you only need to select a different menu option.

  1. Select Users from the sidebar.

    Result

    The USERS view opens and shows the list of your users.

  2. In the USERS view, select a user from the users list.

  3. In the USER DETAILS view, select the meatballs menu () > Revoke role.

    Result

    The REVOKE ROLE pop-up window opens.

  4. In the REVOKE ROLE pop-up window, select a role to be revoked from the drop-down list.

  5. Select Revoke role to confirm your choice.

    Result

    The role is revoked from the user as indicated by the system message.

If you want to learn how to create roles and permissions, read Managing roles and permissions.