A person’s usability within FlowWorks is determined by two things: 1) the role(s) they have been assigned; and 2) the Security Group(s) to which they belong. By carefully configuring role-types and security groups, the proper mix of capabilities and access can be provided to a user, permitting them to perform their assigned functions.
Important: Please read this article carefully before creating new users, to ensure security of your entire user network is well maintained!
An organization subscribed to FlowWorks software services.
An individual working under a client, who logs-in to FlowWorks using their own login credentials.
A user’s assigned function(s) and responsibilities in FlowWorks. Roles are useful for limiting or extending a user’s accessibility to tools (such as F.A.C.E and Alarming) and administrative functions (such as creating and managing user accounts).
A set of permissions that dictate the visibility & accessibility of sites & channels, and custom-made resources (including GIS layers, custom apps and custom screens).
Overall structure / How it works
A client of FlowWorks can have from one to many individual users. The flowchart shown above demonstrates that a single user must be assigned a role and be part of a security group, although each user can be assigned more than one of each. Every role-type dictates the tools and administrative privilege a user has access to; a security group determines the scope of a user’s visibility of (and accessibility to) sites, channels, and custom resources.
User roles determine the permissions that are appended to a user account. A single user can have more than one role.
Important: A role does not ‘inherit’ the privileges of the role below it - although Group Admin is the highest role that can be assigned, privileges from the roles below it do not carry over. Hence, a user must be given the Group Admin role plus all the roles below, to have full access to FlowWorks.
As described in the table, each role comes with its own host of permissions for certain tools, features and functions. Choose all the roles that apply to a respective user in order to provide sufficient access.
Important notes about User Roles
- A role does not inherit the characteristics of any role-types below it. For example, the attributes of the ‘User’ role do not carry over to that of ‘Group Administrator’. For a Group Administrator to be fully capable of using any of the tools in FlowWorks, he/she must also be given the additional role of User. This ‘quark’ allows greater flexibility for security and access.
- With that said, it is also possible to create a user with a ‘Group Administrator’ role-type, who not also having the ‘User’ role-type, can only create and manage other accounts but cannot fully use the features and functions offered by FlowWorks.
To find out how to check and modify a user's role(s), see article "Modifying/checking User Roles".
Types of User Roles
The chart below describes the different types of roles that can be assigned to FlowWorks users. Remember, a user can be assigned more than one of these roles for greater accessibility to features and control.
Security Groups give Group Administrator(s) the power to maintain granular control over their network of sites, channels, and custom resources.
By default, each Client has a Parent security group and each new user is automatically placed in this group. The Parent security group entails the widest network of Sites, Channels, tools to which a user is permitted access. Note that all user Role settings remain active in security groups.
Group Administrators can modify the settings of each security group and organize users accordingly – this is useful for sub-dividing accessibility to certain tools and visibility of sites, channels and custom resources. Parent Security Groups can have numerous 1st level Sub-groups; Sub-groups can have numerous 2nd level Sub-groups, which can have 3rd level Sub-groups; and so on.
Important notes about Security Groups
- If a user is assigned to a Sub-group, the settings of that Group will take precedence over the settings of the Parent Group.
- It is possible to build a security structure that becomes cumbersome to manage and maintain. It is recommended that the Group Administrator(s) invest some time in planning the necessity of permitting / restricting access to Sites, Channels, and Tools prior to creating Security Groups and assigning users thereto.
To find out how to create and edit Security Groups, please see article "Managing Security Groups (Group Administrators only)".
We are here to help you! Please open a new support ticket to quickly get in touch with FlowWorks support!