User & Role Management

Overview

How would you manage device, organization, access control, third-party service operations and monitor operations? IoTConnect’s Users module allows you to do so.

Users can log in to the IoTConnect platform. They can create, manage and delete users and roles; execute HTTP APIs; access devices, entities, firmware, and settings; and manage if allowed. In IoTConnect terms, manage means rights to add, edit or delete anything in IoT operations.

You can associate users with an organization or an entity. While creating a user in IoTConnect, you need to assign roles and entities. User roles determine which operations a user is allowed to perform.

This guide will provide you with step-by-step instructions on how to manage users and roles in IoTConnect. After going through these guidelines, you should be able to add new users successfully, assign them different levels of authorization using roles, as well as edit or delete existing accounts when needed.

Let’s start with a use case.

A use case to understand users and roles

Imagine your IoT solutions manage commercial buildings. Any commercial building can have three stakeholders: property owner, tenant and facility manager. Assume the facility manager (FM) is your key customer. The FM monitors HVAC systems, security operations, lighting solutions, an access control system, a building energy management system, etc.

The FM wants to design and share dashboards with property owners, tenants, the maintenance team and individual building managers (BMs). Of course, the FM will give different rights to all. For example, individual BM and the maintenance team shall receive alerts when the

Lighting products cannot light up
Brightness does not meet the requirements
Light flickers when lit up

to run the buildings smoothly.

In IoTConnect’s user and role management terms, it looks as the below if we define permissions for each user:

Users	Roles
Property owners and tenants	FM can give subscribers read-only permissions to all devices’ telemetry of the respective buildings. The users can also create their custom dashboards. IoTConnect classifies this role as a reader. Readers have read-only permissions. A reader cannot edit or manage any operations.
Facility managers	Being a key customer, IoTConnect allows FMs to view and manage entities, users, firmware, devices, rules, settings, events and support tickets. IoTConnect addresses this role as administrator. An administrator is a super-user with access to all Users’ module APIs.
Maintenance team and individual BMs	FM can provide the following: Read-only access or managing rights for setting up rules, settings and events Managing users and entities Configuring dashboards Handling support tickets IoTConnect identifies this role as coordinators or developers. A coordinator or developer can have permission to read and manage most building operations executed by an FM.

Let’s configure IoTConnect’s Users’ module as per the above use case. The instructions below believe that you have logged in as a Facility Manager (Owner). Before creating any user, you need to create roles and set permissions.