Fuse uses a User, Group, and Role structure for managing security. This document will explain their purpose as well as some best practices.
Users represent a person that can authenticate to the system to view data and perform actions. Users have properties that define their log in credentials and preferences. These preferences can be changed by the user by accessing their My Profile page.
Groups represent a collection of Users. Any permission given to a Group is inherited by any User in that Group. Many features in Fuse allow Groups to be used for selection instead of the Users directly.
Roles represent access to features and data. A Role defines a discrete set of permissions. Define the many Roles that match how Users will interact with Fuse.
We recommend using the following rules when assigning Users, Groups, and Roles.
- Create Roles to grant access to features and data.
- Create Groups that represent departments, teams, etc.
- Assign Groups to Roles.
- Assign Users to Groups
You Should Not
- Assign Roles directly to a User.
- Grant access to features or data directly to a User.
- Grant access to features or data directly to a Group.
Understanding the purpose of Users, Groups, and Roles is an important step. By following these rules, security in Fuse will be easy to update and maintain. If you have any questions about security in Fuse, please contact our support team.