Access Control

Last verified: 2024-12-26 This guide is for administrators who need to configure access control, roles, and permissions in Veratrace. Related: Source: Feature Inventory

Current Status

Permission enforcement is not found in the frontend codebase. Roles exist in mock data only. Source: Source: Feature Inventory

Available Roles

The following roles are currently defined in mock data:

Administrator

Full access to all features and settings
24 permissions
Can manage all resources (users, TWU models, agents, integrations)

Source: /Users/vincentgraham/clearline-ui/src/features/users/mockRoles.js

Manager

Access to management features and reporting
16 permissions
Can view and manage most resources

Source: /Users/vincentgraham/clearline-ui/src/features/users/mockRoles.js

Viewer

Read-only access to reports and dashboards
8 permissions
Can view but not modify resources

Source: /Users/vincentgraham/clearline-ui/src/features/users/mockRoles.js

Editor

Can create and edit content, but cannot delete
12 permissions
Limited modification capabilities

Source: /Users/vincentgraham/clearline-ui/src/features/users/mockRoles.js

Manage Users

Create and manage user accounts:

Navigate to /users
Click Create User or navigate to /users/create
Fill in user details:
- Username
- Email
- Name (first, middle, family)
- Temporary password
Save the user

UI Route: /users/create** Source: Source: Feature Inventory

Assign Roles

UI Route: /users/:userId/edit Source: Source: Feature Inventory

Enable/Disable Users

Control user access:

Navigate to /users/:userId/edit
Toggle Enabled status
Save changes

API: PUT /instances/:instanceId/users/:userId Request body:

{
  "enabled": false
}

Source: Source: Feature Inventory

Permission Enforcement

No role-based access control (RBAC) or permission checks found in frontend code. Source: Source: Feature Inventory

Authentication Configuration

Veratrace uses AWS Cognito for authentication. Each instance has its own Cognito user pool. Configuration:

userPoolId - AWS Cognito User Pool ID
clientId - Cognito OIDC client ID
region - AWS region

Source: Source: Feature Inventory

Compliance Considerations

Permissions Reference - Complete permissions reference
Manage Users Guide - User management
Instance Setup - Configure instance authentication

Getting Started

Concepts

Guides

Admin

Changelog

Current Status

Available Roles

Administrator

Manager

Viewer

Editor

Manage Users

Assign Roles

Enable/Disable Users

Permission Enforcement

Authentication Configuration

Compliance Considerations

Getting Started

Concepts

Guides

Admin

Changelog

​Current Status

​Available Roles

​Administrator

​Manager

​Viewer

​Editor

​Manage Users

​Assign Roles

​Enable/Disable Users

​Permission Enforcement

​Authentication Configuration

​Compliance Considerations

​Related

Current Status

Available Roles

Administrator

Manager

Viewer

Editor

Manage Users

Assign Roles

Enable/Disable Users

Permission Enforcement

Authentication Configuration

Compliance Considerations

Related