System administrators belong to groups with permissions to manage authorisation. Developers integrating third-party systems belong to groups with permissions to manage API integrations and streams.
The table Platform permissions details the features and corresponding authorisation areas.
|
Feature |
Authorisation area |
Description |
|---|---|---|
|
Authorisation |
Manage authorisation to create roles and assign groups to roles. |
|
|
Admissions integrations |
Manage the API client credentials for integrations API access, such as the scopes that are granted to the client. |
|
|
View and edit applications, person data, reference data, and staff. |
||
|
Subscribe to events from Admissions, Callista, reference data, SITS, and Visa sponsorship. |
||
|
View and edit reference data. |
||
|
Maytas integrations |
Manage the API client credentials for integrations API access, such as the scopes that are granted to the client. |
|
|
Permissions for full or read-only access. |
||
| Semestry |
Manage the API client credentials for integrations API access, such as the scopes that are granted to the client. |
|
|
Read and write access to the Semestry APIs. |
||
| SITS integration |
Manage the API client credentials for integrations API access, such as the scopes that are granted to the client. |
|
|
Read and write access to SITS students, reference data, module occurrences, and other related information. |
||
|
Streams |
Manage Azure event streams and event forwarding. |
The roles and permissions of the authorisation areas are as follows:
Admin
The Admin area defines the default roles, permissions, groups to manage authorisation and custom attributes. The table Admin roles and permissions details the default permissions for the Edge Administrator role.
|
Permissions |
Edge Administrator |
Description |
|---|---|---|
|
Event forwarding - Manage |
Yes |
Manage event forwarding endpoints. |
|
Event history - Manage |
Yes |
Manage the event history. |
|
Manage API client credentials |
Yes |
Manage the API client credentials for integrations API access. |
|
Manage authorisation |
Yes |
Roles that can manage authorisation. |
|
Manage AWS streams |
Yes |
Manage AWS event streams. |
|
Manage Azure streams |
Yes |
Manage Azure event streams. |
|
Show required permissions |
Yes |
Permissions for showing required permissions. |
Admissions integration
The table Admissions integration details the default permissions and External administrator role.
|
Permissions |
External administrator |
Description |
|---|---|---|
|
Applicant – Edit |
Yes |
Edit the details of an applicant. |
|
Applicant – View |
Yes |
View the details of an applicant. |
|
Application – Delete |
Yes |
Delete applications |
|
Application completion status – Edit |
Yes |
Set the application completion status. |
|
Applications – Edit |
Yes |
Edit the details of applications. |
|
Applications – View |
Yes |
View the details of applications. |
|
Clearance check – Edit |
Yes |
Edit the clearance checks of an application. |
|
Clearance check – View |
Yes |
View the clearance checks of an application. |
|
Document – Edit |
Yes |
Edit the documents of an applicant, such as the passport. |
|
Document – View |
Yes |
View the documents of an applicant, such as the passport. |
|
Notes – Create |
Yes |
Create notes for an application. |
|
Notes – Edit |
Yes |
Edit notes for an application. |
|
Notes – View |
Yes |
View notes for an application. |
|
Person – Edit |
Yes |
Edit the person profile details. |
|
Person – View |
Yes |
View the person profile details. |
|
Person sensitive – Edit |
Yes |
Edit the sensitive characteristics of a person. Person sensitive data will be available in a future release.
|
|
Person sensitive – View |
Yes |
View the sensitive characteristics of a person. Person sensitive data will be available in a future release.
|
|
Reference data – Edit |
Yes |
Edit reference data. |
|
Reference data – View |
Yes |
View reference data. |
|
Staff – Edit |
Yes |
Edit staff details. |
|
Staff – View |
Yes |
View staff details. |
Events integration
The table Events integration permissions details default permission for the Events subscriber role.
|
Permissions |
Events subscriber |
Description |
|---|---|---|
|
Subscribe to events |
Yes |
Subscribe to events from the service with child areas to subscribe to events from Admissions, Callista, Maytas, and reference data. |
Maytas integration
The table Maytas integration details the default permissions for the Maytas integration - Full access and Maytas integration - Read-only access roles.
|
Permissions |
Maytas integration - Full access |
Maytas integration - Read-only access |
Description |
|---|---|---|---|
|
Maytas integration – Read |
Yes |
Yes |
Read access to Maytas APIs. |
|
Maytas integration – Write |
Yes |
No |
Write access to Maytas APIs. |
Reference data integration
The table Reference data integrations permissions details the default permissions and External administrator role.
|
Permissions |
External administrator |
Description |
|---|---|---|
|
Reference data – View |
Yes |
View imports and setting for reference data integrations. |
|
Reference data – Edit |
Yes |
Edit imports and setting for reference data integrations. |
Semestry integration
The table Semestry integration permissions details the permissions for Semestry.
|
Permissions |
Description |
|---|---|
|
Semestry integration – Read |
Read access to the Semestry APIs. |
|
Semestry integration – Write |
Write access to the Semestry APIs. |
SITS integration
The table SITS integration permissions details the permissions for integrations with SITS:Vision.
|
Permissions |
Description |
|---|---|
|
SITS – Applicants – Read |
Read access to SITS applicants. |
|
SITS – Documents – Read |
Read access to SITS documents. |
|
SITS – Documents – Write |
Write access to SITS documents. |
|
SITS – Finance – Write |
Write access to SITS finance. |
|
SITS – Module occurrences – Read |
Read access to SITS module occurrences. |
|
SITS – Module occurrences – Write |
Write access to SITS module occurrences. |
|
SITS – Reference data – Read |
Read access to SITS reference data. |
|
SITS – Students – Read |
Read access to SITS students. |
|
SITS – Students – Sensitive characteristics – Read |
Read access to student's sensitive characteristics. |
|
SITS – Students – Write |
Write access to SITS students. |