This page provides the roles and privileges and privilege group and privileges of the Authorization microservice.

Roles and Privileges

The following table describes the roles and privileges of the Authorization microservice:

Role Name	Privilege Group /Privilege	Description
`ROLE_AUTH_ADMIN`	`auth/admin/all`	Ability to perform all operations based on the given privileges as in the privilege group `auth/admin/all`.
`ROLE_ACCOUNT_BUYER`	`auth/create/authgroups`	Ability to create authgroups.
	`auth/view/authgroups`	Ability to view authgroups.
	`auth/viewall/authgroups`	Ability to view all authgroups.
	`auth/update/authgroups`	Ability to update authgroups.
	`auth/delete/authgroups`	Ability to delete authgroups.
	`auth/create/groupattributes`	Ability to create group attributes.
	`auth/view/groupattributes`	Ability to view group attributes.
	`auth/viewall/groupattributes`	Ability to view all group attributes.
	`auth/update/groupattributes`	Ability to update group attributes.
	`auth/delete/groupattributes`	Ability to delete group attributes.
	`auth/view/privilegesets`	Ability to view privilege sets.
	`auth/viewall/privilegesets`	Ability to view all privilege sets.
	`auth/create/privilegesets`	Ability to create privilege sets.
	`auth/update/privilegesets`	Ability to update privilege sets.
	`auth/delete/privilegesets`	Ability to delete privilege sets.
	`auth/create/roles`	Ability to create roles.
	`auth/view/roles`	Ability to view roles.
	`auth/viewall/roles`	Ability to view all roles.
	`auth/update/roles`	Ability to update roles.
	`auth/delete/roles`	Ability to delete roles.
	`auth/create/userattributes`	Ability to create user attributes.
	`auth/view/userattributes`	Ability to view user attributes.
	`auth/viewall/userattributes`	Ability to view all user attributes.
	`auth/update/userattributes`	Ability to update user attributes.
	`auth/delete/userattributes`	Ability to delete user attributes.
	`auth/update/userroles`	Ability to update user roles.
	`auth/view/userroles`	Ability to view user roles.
	`auth/delete/userroles`	Ability to delete user roles.
`ROLE_REG_USER`	`auth/view/roles`	Ability to view roles.
`ROLE_ACCOUNT_ADMIN`	`auth/view/userroles`	Ability to view user roles.
`ROLE_ACCOUNT_ADMIN`	`auth/update/userroles`	Ability to update user roles.
`ROLE_ACCOUNT_BUYER_ADMIN`	`auth/buyeradmin/all`	Ability to perform all operations based on the given privileges as in the privilege group `auth/buyeradmin/all`.
`ROLE_ACCOUNT_REP`	`auth/view/userroles`	Ability to view user roles.
`ROLE_CUSTOMER_ADMIN`	`auth/create/session`	Ability to create a session.
`ROLE_CUSTOMER_ADMIN`	`auth/update/userroles`	Ability to update user roles.
`ROLE_CSR_ADMIN`	`auth/create/session`	Ability to create a session.
`ROLE_CSR_ASSOCIATE`	`auth/create/session`	Ability to create a session.
`ROLE_STORE_OPERATOR`	`auth/create/session`	Ability to create a session.
`ROLE_STORE_OPERATOR`	`auth/update/userroles`	Ability to update user roles.

Privilege Group and Privileges

The following table describes the privilege group and privileges of the Authorization microservice:

Privilege Group	Privilege	Description
`auth/admin/all`	`auth/create/authgroups`	Ability to create an authgroup.
	`auth/view/authgroups`	Ability to view an authgroup.
	`auth/viewall/authgroups`	Ability to view all authgroups.
	`auth/update/authgroups`	Ability to update an authgroup.
	`auth/delete/authgroups`	Ability to delete an authgroup.
	`auth/create/collections`	Ability to create a collection.
	`auth/view/collections`	Ability to view a collection.
	`auth/viewall/collections`	Ability to view all the collections.
	`auth/update/collections`	Ability to update a collection.
	`auth/view/collectionproperties`	Ability to view a collection property.
	`auth/viewall/collectionproperties`	Ability to view all the collection properties.
	`auth/update/collectionproperties`	Ability to update a collection property.
	`auth/create/dynamicprivileges`	Ability to create a dynamic privilege.
	`auth/view/dynamicprivileges`	Ability to view a dynamic privilege.
	`auth/viewall/dynamicprivileges`	Ability to view all the dynamic privileges.
	`auth/update/dynamicprivileges`	Ability to update a dynamic privilege.
	`auth/delete/dynamicprivileges`	Ability to delete a dynamic privilege.
	`auth/create/groupattributes`	Ability to create a group attribute.
	`auth/view/groupattributes`	Ability to view a group attribute.
	`auth/viewall/groupattributes`	Ability to view all the group attributes.
	`auth/update/groupattributes`	Ability to update a group attribute.
	`auth/delete/groupattributes`	Ability to delete a group attribute.
	`auth/view/privileges`	Ability to view a privilege.
	`auth/viewall/privileges`	Ability to view all the privileges.
	`auth/create/privileges`	Ability to create privileges.
	`auth/update/privileges`	Ability to update privileges.
	`auth/delete/privileges`	Ability to delete privileges.
	`auth/view/privilegesets`	Ability to view privilege sets.
	`auth/viewall/privilegesets`	Ability to view all the privilege sets.
	`auth/create/privilegesets`	Ability to create privilege sets.
	`auth/update/privilegesets`	Ability to update privilege sets.
	`auth/delete/privilegesets`	Ability to delete privilege sets.
	`auth/create/roles`	Ability to create roles.
	`auth/view/roles`	Ability to view roles.
	`auth/viewall/roles`	Ability to view all the roles.
	`auth/update/roles`	Ability to update roles.
	`auth/delete/roles`	Ability to delete roles.
	`auth/create/userattributes`	Ability to create user attributes.
	`auth/view/userattributes`	Ability to view user attributes.
	`auth/viewall/userattributes`	Ability to view all the user attributes.
	`auth/update/userattributes`	Ability to update user attributes.
	`auth/delete/userattributes`	Ability to delete user attributes.
	`auth/update/userroles`	Ability to update user roles.
	`auth/view/userroles`	Ability to view user roles.
	`auth/delete/userroles`	Ability to delete user roles.
	`auth/view/openidclients`	Ability to view open ID clients.
	`auth/create/openidclients`	Ability to create open ID clients.
	`auth/update/openidclients`	Ability to update open ID clients.
	`auth/viewall/openidclients`	Ability to view all the open ID clients.
	`auth/delete/openidclients`	Ability to delete open ID clients.
`auth/buyeradmin/all`	`auth/create/authgroups`	Ability to create an authgroup.
	`auth/view/authgroups`	Ability to view an authgroup.
	`auth/viewall/authgroups`	Ability to view all authgroups.
	`auth/update/authgroups`	Ability to update an authgroup.
	`auth/delete/authgroups`	Ability to delete an authgroup.
	`auth/create/groupattributes`	Ability to create a group attribute.
	`auth/view/groupattributes`	Ability to view a group attribute.
	`auth/viewall/groupattributes`	Ability to view all the group attributes.
	`auth/update/groupattributes`	Ability to update a group attribute.
	`auth/delete/groupattributes`	Ability to delete a group attribute.
	`auth/view/privileges`	Ability to view a privilege.
	`auth/viewall/privileges`	Ability to view all the privileges.
	`auth/view/privilegesets`	Ability to view privilege sets.
	`auth/viewall/privilegesets`	Ability to view all the privilege sets.
	`auth/create/privilegesets`	Ability to create privilege sets.
	`auth/update/privilegesets`	Ability to update privilege sets.
	`auth/delete/privilegesets`	Ability to delete privilege sets.
	`auth/create/roles`	Ability to create roles.
	`auth/view/roles`	Ability to view roles.
	`auth/viewall/roles`	Ability to view all the roles.
	`auth/update/roles`	Ability to update roles.
	`auth/delete/roles`	Ability to delete roles.
	`auth/create/userattributes`	Ability to create user attributes.
	`auth/view/userattributes`	Ability to view user attributes.
	`auth/viewall/userattributes`	Ability to view all the user attributes.
	`auth/update/userattributes`	Ability to update user attributes.
	`auth/delete/userattributes`	Ability to delete user attributes.
	`auth/update/userroles`	Ability to update user roles.
	`auth/view/userroles`	Ability to view user roles.
	`auth/delete/userroles`	Ability to delete user roles.

Revision History
2023-01-17 | AN – Content updated for 8.13 release.
2019-09-30 | AM – Content uploaded.

Roles and Privileges – Authorization

Roles and Privileges

Privilege Group and Privileges