Access management
In the following, you will get to know all details on access management. Access management allows you, as a reseller, customer or account administrator, to set up additional administrators and grant the administrators access to resellers, customers, accounts or projects that you also have access to.
Grant access
You can grant a user access to the following rights:
- Reseller
- Customer
- Account
- Project
How to grant a user access to the rights:
Requirement
- You have access to the reseller, the customer, the account or the project you want to grant access to.
- In the navigation bar under Administration, click Access management.
- Click Grant access.
- Under Enter email address of the user for authorization enter the email address of the user you want to grant access to.
- Click on the access right you want to grant:
- Grant access to a reseller
- Grant access to a customer
- Grant access to an account
- Grant access to a project
- Click on the reseller, the customer, the account or the project the access should be restricted to.
- You have granted the user access to the relevant right.
Expand access
You can grant users not only one access right, but also multiple access rights at different levels.
How to expand the access of a user:
Requirement
- You have access to the reseller, the customer, the account or the project you want to grant access to.
- In the navigation bar under Administration, click Access management.
- Click on the users whose access you want to expand.
- Click on the access right that you would like to grant additionally:
- Grant access to a reseller
- Grant access to a customer
- Grant access to an account
- Grant access to a project
- Click on the reseller, the customer, the account or the project you want to grant access to.
- You have expanded the access for the user.
Revoke access
How to revoke access from a user:
Requirement
- You have access to the reseller, the customer, the account or the project from which you want to revoke access.
- In the navigation bar under Administration, click Access management.
- Click on
next to the user from which you want to revoke access.
- Click Delete.
- You have revoked the access.
NOTICE
Completely delete a user
If all access rights are revoked from users, the users will not be deleted. To delete users completely, contact the VIER Customer Service Desk.
Create service account
Service accounts are special accounts in IT systems. They allow applications, services or scripts to access resources automatically. This facilitates machine-to-machine (M2M) communication without the need for human user intervention. A typical use-case in VIER Cognitive Voice Gateway is fetching CDRs using the CDR API, which always required strict explicit authentication.
Service accounts can be created for a single organization unit in VIER Cognitive Voice Gateway and the account has then access to all units below it. So for example a customer admin could create a service account for their customer “VIER GmbH”, which would then have access to the customer as well as to all accounts and projects below it. Access management works exactly as it does for users, except that one service account can only have access to exactly one organizational unit.
The credentials linked to the service account (client_id
and client_secret
) must be used as part of OAuth2’s Client Credentials Grant to perform the authentication and to obtain an access token that can be used to perform requests against the VIER Cognitive Voice Gateway API.
You can create service accounts for the following units:
- Reseller
- Customer
- Account
- Project
How to create service accounts:
Requirement
- You have access to the reseller, the customer, the account or the project you want to grant access to.
- In the navigation bar, click Administration > Access management > SERVICE ACCOUNTS.
- Click CREATE SERVICE ACCOUNT.
- Enter a name for the service account.
- Click on the access right you want to grant:
- + CREATE FOR RESELLER
- + CREATE FOR CUSTOMER
- + CREATE FOR ACCOUNT
- + CREATE FOR PROJECT
- You have created the service account.