Privileges#
Permissions and privileges are organized via organization-memberships of persons:
- a person can be assigned to an organization
- this assignment has zero, one or multiple roles
- roles are encoded into a person's ID token
- the privileges from multiple assigned roles are combined
The following roles exist:
Identifier | Manage organization, users, data | Change subscription | View contract, invoices | Use TeamBeam Transfer | Create root folder in TeamBeam Archive | Create Space in TeamBeam Drive |
---|---|---|---|---|---|---|
Organization.Admin | ✅ | ✅ | ✅ | |||
Contract.Admin | ✅ | ✅ | ||||
Contract.Read | ✅ | |||||
Service.Transfer.Use | ✅ | |||||
Service.Transfer.Archive.CreateRoot | ✅ | |||||
Service.Drive.CreateSpace | ✅ |