Privileges#
Permissions and privileges are organized via organization-memberships of persons:
- a person can be assigned to an organization
- this assignment has zero, one or multiple roles
- roles are encoded into a person's ID token
- the privileges from multiple assigned roles are combined
The following roles exist:
Identifier | Manage organization, uses, data | Change subscription | View contract, invoices | Use TeamBeam Transfer | Use TeamBeam Spaces |
---|---|---|---|---|---|
Organization.Admin | ✅ | ✅ | ✅ | ||
Contract.Admin | ✅ | ✅ | |||
Contract.Read | ✅ | ||||
Service.All.Use | ✅ | ✅ | |||
Service.Transfer.Use | ✅ | ||||
Service.Spaces.Use | ✅ |