Privileges
Permissions and privileges are organized through the organization memberships of persons:

- a person can be assigned to an organization
- each assignment carries zero, one, or multiple roles
- roles are encoded into a person's ID token
- the privileges from multiple assigned roles are combined

The following roles exist:

| Identifier | Manage organization, users, data | Change subscription | View contract, invoices | Use TeamBeam Transfer | Use TeamBeam Spaces |
|---|---|---|---|---|---|
| Organization.Admin | ✅ | ✅ | ✅ | | |
| Contract.Admin | | ✅ | ✅ | | |
| Contract.Read | | | ✅ | | |
| Service.All.Use | | | | ✅ | ✅ |
| Service.Transfer.Use | | | | ✅ | |
| Service.Spaces.Use | | | | | ✅ |