Role-Based Permissions is Evo's way of implementing "Zero Trust" for your administrative users. When an administrative user is first granted access to Evo, they will not have any roles or permissions assigned to them. The Global Admin must create a Role-Based Permissions group, and assign the appropriate roles to the admins that belong to that group. This is very beneficial for restricting or granting access to various parts of the portal, as well as the ability to use product features, such as Elevated Access. Many roles are self-explanatory, but some need a bit more detail. Please refer to this page for more detail of the roles - List of Roles within Role-Based Permissions
Permission groups can only be assigned to users with a user type of Admin. If you have added a directory that will sync users with Evo, you will first need to convert the user types to admin, as they would have been synced with a type of user.
Permission groups are managed from your main dashboard. Permissions for a given group are broken down into areas and screens within the Evo admin portal.
How to add a permission group
A user can only be assigned to one permission group. The group they are associated with be the same permissions granted for all tenants they have access to.
- From the dashboard, click Access.
- Click Role-Based Permissions.
- Click Create New Permission Group.
- Enter a name for the new group, and optionally a description.
- Click Next Step.
- Based on the groups access requirements, check each appropriate permission. Once all permissions have been checked, click Next Step.
- From the list of User Groups, assign a group.
- From the list of administrators. Check the row for each administrator to be included in the group.
- Click Add Permission Group.
Now that the permission group has been created. Don’t forget to set the users tenant access. Refer to How do I manage my tenant access permissions?
How to edit a permission group
- From the dashboard, click Access.
- Click Role-Based Permissions.
- In the displayed list of permission groups, find the one you want to edit. Click the name of the group in the appropriate row.
- Make the edits you want.
- Click Save Changes.
How to delete permission groups
- From the dashboard, click Access.
- Click Role-Based Permissions.
- In the displayed list of permission groups, find the one you want to delete. Click the "trashcan" at the end of the row.
- Click Delete.