The following table describes the roles and privileges of the Authorization microservice:

Role NamePrivilege Group /PrivilegeDescription
ROLE_AUTH_ADMINauth/admin/allAbility to perform all operations based on the given privileges as in the privilege group auth/admin/all.
ROLE_ACCOUNT_BUYERauth/create/authgroupsAbility to create authgroups.
auth/view/authgroupsAbility to view authgroups.
auth/viewall/authgroupsAbility to view all authgroups.
auth/update/authgroupsAbility to update authgroups.
auth/delete/authgroupsAbility to delete authgroups.
auth/create/groupattributesAbility to create group attributes.
auth/view/groupattributesAbility to view group attributes.
auth/viewall/groupattributesAbility to view all group attributes.
auth/update/groupattributesAbility to update group attributes.
auth/delete/groupattributesAbility to delete group attributes.
auth/view/privilegesetsAbility to view privilege sets.
auth/viewall/privilegesetsAbility to view all privilege sets.
auth/create/privilegesetsAbility to create privilege sets.
auth/update/privilegesetsAbility to update privilege sets.
auth/delete/privilegesetsAbility to delete privilege sets.
auth/create/rolesAbility to create roles.
auth/view/rolesAbility to view roles.
auth/viewall/rolesAbility to view all roles.
auth/update/rolesAbility to update roles.
auth/delete/rolesAbility to delete roles.
auth/create/userattributesAbility to create user attributes.
auth/view/userattributesAbility to view user attributes.
auth/viewall/userattributesAbility to view all user attributes.
auth/update/userattributesAbility to update user attributes.
auth/delete/userattributesAbility to delete user attributes.
auth/update/userrolesAbility to update user roles.
auth/view/userrolesAbility to view user roles.
auth/delete/userrolesAbility to delete user roles.
ROLE_REG_USERauth/view/rolesAbility to view roles.
ROLE_ACCOUNT_ADMINauth/view/userrolesAbility to view user roles.
auth/update/userrolesAbility to update user roles.
ROLE_ACCOUNT_BUYER_ADMINauth/buyeradmin/allAbility to perform all operations based on the given privileges as in the privilege group auth/buyeradmin/all.
ROLE_ACCOUNT_REPauth/view/userrolesAbility to view user roles.
ROLE_CUSTOMER_ADMINauth/create/sessionAbility to create a session.
auth/update/userrolesAbility to update user roles.
ROLE_CSR_ADMINauth/create/sessionAbility to create a session.
ROLE_CSR_ASSOCIATEauth/create/sessionAbility to create a session.
ROLE_STORE_OPERATORauth/create/sessionAbility to create a session.
auth/update/userrolesAbility to update user roles.

The following table describes the privilege group and privileges of the Authorization microservice:
Privilege GroupPrivilegeDescription
auth/admin/allauth/create/authgroupsAbility to create an authgroup.
auth/view/authgroupsAbility to view an authgroup.
auth/viewall/authgroupsAbility to view all authgroups.
auth/update/authgroupsAbility to update an authgroup.
auth/delete/authgroupsAbility to delete an authgroup.
auth/create/collectionsAbility to create a collection.
auth/view/collectionsAbility to view a collection.
auth/viewall/collectionsAbility to view all the collections.
auth/update/collectionsAbility to update a collection.
auth/view/collectionpropertiesAbility to view a collection property.
auth/viewall/collectionpropertiesAbility to view all the collection properties.
auth/update/collectionpropertiesAbility to update a collection property.
auth/create/dynamicprivilegesAbility to create a dynamic privilege.
auth/view/dynamicprivilegesAbility to view a dynamic privilege.
auth/viewall/dynamicprivilegesAbility to view all the dynamic privileges.
auth/update/dynamicprivilegesAbility to update a dynamic privilege.
auth/delete/dynamicprivilegesAbility to delete a dynamic privilege.
auth/create/groupattributesAbility to create a group attribute.
auth/view/groupattributesAbility to view a group attribute.
auth/viewall/groupattributesAbility to view all the group attributes.
auth/update/groupattributesAbility to update a group attribute.
auth/delete/groupattributesAbility to delete a group attribute.
auth/view/privilegesAbility to view a privilege.
auth/viewall/privilegesAbility to view all the privileges.
auth/create/privilegesAbility to create privileges.
auth/update/privilegesAbility to update privileges.
auth/delete/privilegesAbility to delete privileges.
auth/view/privilegesetsAbility to view privilege sets.
auth/viewall/privilegesetsAbility to view all the privilege sets.
auth/create/privilegesetsAbility to create privilege sets.
auth/update/privilegesetsAbility to update privilege sets.
auth/delete/privilegesetsAbility to delete privilege sets.
auth/create/rolesAbility to create roles.
auth/view/rolesAbility to view roles.
auth/viewall/rolesAbility to view all the roles.
auth/update/rolesAbility to update roles.
auth/delete/rolesAbility to delete roles.
auth/create/userattributesAbility to create user attributes.
auth/view/userattributesAbility to view user attributes.
auth/viewall/userattributesAbility to view all the user attributes.
auth/update/userattributesAbility to update user attributes.
auth/delete/userattributesAbility to delete user attributes.
auth/update/userrolesAbility to update user roles.
auth/view/userrolesAbility to view user roles.
auth/delete/userrolesAbility to delete user roles.
auth/view/openidclientsAbility to view open ID clients.
auth/create/openidclientsAbility to create open ID clients.
auth/update/openidclientsAbility to update open ID clients.
auth/viewall/openidclientsAbility to view all the open ID clients.
auth/delete/openidclientsAbility to delete open ID clients.
auth/buyeradmin/allauth/create/authgroupsAbility to create an authgroup.
auth/view/authgroupsAbility to view an authgroup.
auth/viewall/authgroupsAbility to view all authgroups.
auth/update/authgroupsAbility to update an authgroup.
auth/delete/authgroupsAbility to delete an authgroup.
auth/create/groupattributesAbility to create a group attribute.
auth/view/groupattributesAbility to view a group attribute.
auth/viewall/groupattributesAbility to view all the group attributes.
auth/update/groupattributesAbility to update a group attribute.
auth/delete/groupattributesAbility to delete a group attribute.
auth/view/privilegesAbility to view a privilege.
auth/viewall/privilegesAbility to view all the privileges.
auth/view/privilegesetsAbility to view privilege sets.
auth/viewall/privilegesetsAbility to view all the privilege sets.
auth/create/privilegesetsAbility to create privilege sets.
auth/update/privilegesetsAbility to update privilege sets.
auth/delete/privilegesetsAbility to delete privilege sets.
auth/create/rolesAbility to create roles.
auth/view/rolesAbility to view roles.
auth/viewall/rolesAbility to view all the roles.
auth/update/rolesAbility to update roles.
auth/delete/rolesAbility to delete roles.
auth/create/userattributesAbility to create user attributes.
auth/view/userattributesAbility to view user attributes.
auth/viewall/userattributesAbility to view all the user attributes.
auth/update/userattributesAbility to update user attributes.
auth/delete/userattributesAbility to delete user attributes.
auth/update/userrolesAbility to update user roles.
auth/view/userrolesAbility to view user roles.
auth/delete/userrolesAbility to delete user roles.

 

Revision History
2023-01-17 | AN – Content updated for 8.13 release.
2019-09-30 | AM – Content uploaded.