Topics included in this article:
- Permissions-Based Roles
- How to Create a Role
- Role Assignment
- Permissions and the Access They Grant
- Cloning a Role
- Helpful Links
- Contact Support or Sales
Permissions-Based Roles
It's common for admins to manage the content users can access. Chances are, there are a set of cameras, sensors, or access control devices within your organization that only specific people should be able to access. With permissions-based roles, you can control the level of visibility and access to devices within the console.
How to Create a Role
1. To set up a new role, login to the Rhombus Console and navigate to Settings -> Manage Roles.
2. Next, select "Add Role" in the upper right-hand corner, and a window will appear to create the role.
3. Enter the name for this role and click next in the bottom right corner.
4. The following screen allows you to select specific permissions for administrative actions to which the role will have access. When you are finished, click next in the bottom right corner.
5. The final step of role creation is selecting which locations and which devices within those locations this role will have access to. If you enable the "Edit all locations" toggle in the upper left corner, any changes you make to the "Live Only," "View Only," or "View & Manage" settings will apply to all locations in your organization. Alternatively, if "Edit all locations" is not enabled, you can select "No Access" for specified locations.
Live Only
- The user can only view live footage for the selected devices.
View Only
- The user can only view the selected devices.
View & Manage
- The user can view footage from the selected devices and manage the settings for them.
6. Enabling the "Add future locations with default setting" will apply the same settings you create for this role to newly added locations in your organization.
7. Toggling off the "Apply to All" switch will allow you to choose the individual devices at the specified location to which this role will have access.
8. Once you have finished selecting access and device permissions for the role, click "Create Role" in the bottom right corner.
Note: Any camera that a role is not permitted to access will not be visible when a user assigned that role logs into the console via the website or mobile app. Furthermore, that role will not be able to see any alerts or saved clips specific to that camera.
Role Assignment
Once you have created your new role, you can apply it to any user by navigating to Settings -> Manage Users, selecting the user, and clicking the drop-down menu on the left side of the screen.
When creating a new user, you will be required to assign a role to the user being created.
Note: Every organization has a "Super Admin" role by default, which cannot be removed. Users assigned this role are allowed to access everything within the account.
Permissions and the Access They Grant
Enabling permissions will grant roles with specific access and administrative actions within the Rhombus console. Below is a breakdown of each individual permission and what that permission allows a user to access.
Permission | Type of Access Granted |
Devices : Register | Enabling these permissions will allow users to register hardware to the console, and reboot devices. |
Devices : Delete | Enabling this will allow a user to delete a device by unregistering it. |
Locations : Add, edit, and delete | Enabling these permissions will allow users to create new locations and edit any associated details. |
Account settings : View and manage | Enabling this permission will allow users to view and change account-level settings, such as changing the account name or account owner. |
API administration : View and manage | Enabling this permission will grant users access to API settings and create API keys to communicate with external programs. This permission also allows users to manage Apple TV settings as they use an API to communicate with Rhombus. |
Audit logs and reports : View and manage | Enabling this permission will grant users access to the account logs and reports. These logs and reports include an audit history of users' actions within the console, device inventory, device bandwidth reports, etc. |
Faces : View and manage | Enabling this permission will allow users to view and edit the details (update name, assign label, mark as inaccurate detection, etc.) of faces captured by the cameras' facial recognition software. |
Integration settings : View and manage | Enabling this permission will grant users access to the Third Party Integrations tab, allowing them to create new integrations or alter existing ones. |
License plates : View and manage | Enabling this permission will allow users to view and edit the details (update name, assign label, etc.) of license plates captured by the cameras' license plate recognition software. |
Licenses : View and manage | Enabling this permission will grant users access to the Licenses tab, allowing them to apply or remove enterprise licenses and features from devices. |
Policies : Manage | Enabling this permission will grant users access to the Alert Policies tab, allowing them to create new device alert policies or edit/delete existing ones. This permission also grants access to manage the rules engine, cloud archiving, audio files, and schedules. |
Users : View and manage | Enabling this permission will allow users to view and manage details pertaining to other users in the account. This includes adding new users, removing existing users, altering roles or notifications for users, etc. |
Video : Share and download |
Enabling this permission will allow users to create, share, and download clips of footage. Note: Viewing a shared stream in the console is dependent on having at least "View Only" permissions for the device from which the stream has been shared. |
Unlock Doors : Door access administration |
Enabling this permission will allow users to unlock a door via the web console. Note: This permission does not affect the "Remote Unlock" setting for the Rhombus Key app. |
Authentication administration : Manage | Enabling this permission will allow users to manage SSO settings, access control credentials, and OAuth settings, as well as enable/disable 2-factor authentication. |
Firmware administration : Manage | Enabling this permission will grant users access to the "Firmware Updates" tab, allowing them to manually update device firmware or create a schedule to update device firmware during specific hours of the day. |
Alarm Monitoring : View and Manage | Enabling this permission will allow users to view and manage all clips and settings pertaining to Alarm Monitoring. This includes managing the emergency response contacts, first-responder entry instructions, and alert keypad PINs. |
Alarm Monitoring : View Only | Enabling this permission will allow users to view Alarm Monitoring details but will restrict them from making changes to the Alarm Monitoring settings. |
When a role has been created and assigned, you will be able to see the Users for that role, Support Authorities (partners), and any created API Tokens that have been assigned to the role, including Apple TVs.
Cloning a Role
Cloning a role allows you to create a secondary role that starts with the same base access but can be altered if you want to change the access slightly. Begin by navigating to Settings -> Manage Roles. Once there, find the role you wish to clone and select "Clone" on the right side. You must review the permissions and device access before saving the role.
Helpful Links
Contact Support or Sales
Have more questions? Contact Rhombus Support at +1 (877) 746-6797 option 2 or support@rhombus.com.
Interested in learning more? Contact Rhombus Sales at +1 (877) 746-6797 option 1 or sales@rhombus.com.
Comments
0 comments
Please sign in to leave a comment.