User permissions

Permission wise (to Data Containers) Keytiles comes with so called "role based" system. You can assign one User into multiple roles. Let's clarify which is good for what.

Content of this page

• # "Admin" role
• # "Viewer" role
• # "Developer" role
• # "Finance" role

"Admin" role

The Admins are responsible for managing Data Containers. Therefore this is a key role really. Each Data Container MUST have at least one Admin. Always. And Keytiles is enforcing this.

Admins can do the following:

• Can manage users and their roles regarding the Data Container.

• Can see Container related users e-mail addresses too (normally Keytiles does not expose this data to anyone)

• Can change Data Container settings and subscription plan

• Can customize all "satellite" product settings like TileView, Reporting etc.

• Can do everything a "Viewer" can do.

• Can do everything "Developer" role can do.

What Admins can NOT do:

• What "Finance" role does. Admins by default can not view/see financial information. This is a "technical God" role.
  But nothing stops you to grant Finance role as well to an Admin... ;-)

"Viewer" role

As the name indicates a Viewer can just view data in the Data Container.

Viewers can do the following:

• Can see Container analytics data
  User can also use API endpoints which returns analytics data

• Can query the Container resource (Management API) he belongs to

"Developer" role

The goal of this role is simple: grant access to your developers in order to let them see and fix potential problems.

Developers can do the following:

• Can access Hit Fault reports in order to fix problems.
• Can access all (even future) tools which helps them troubleshooting tracking

But what Developers can NOT do is basically anything else. By default

• They can NOT view analytics data - if you want grant Viewer role for the user.
  This is also true for API query endpoints which return analytics data.
• They can NOT change any settings nor access financial data or reports

"Finance" role

The goal of this role is to grant access to financial related information related to a Data Container. This is all.

It is an important role really. So each Data Container MUST have at least one Finance role user. Always. And Keytiles is enforcing this.

Just like Developer role this role is also a purely functional role and does NOT grant access to technical settings or even to see the analytics data.

Finance role can do the following:

• See financial information - invoices and balance.
• Receives all financial related notifications or alerts.
  Like "now you should pay" things... :-P