Add or manage Role

Empower your organization with secure, flexible, and role-based access management in Nodinite. This guide shows you how to create and manage Roles, fine-tune permissions, and enable business users to solve their own problems—reducing IT workload and boosting productivity.

Roles work identically regardless of authentication mode - whether you're using Windows Authentication or OAuth 2.0/OIDC, Roles define what users can access and do once logged in.

Learn more about how Roles work: What is a Role?

Finding Roles in the Web Client

Navigate to Administration > Access Management > Roles to manage your organization's Roles:

Access Management menu showing Roles, Users, and Windows AD Groups.

Before You Begin

Authentication Mode Determines Assignment Method:

• Windows Authentication Mode: Create Users and/or Windows AD Groups first, then assign them to Roles
• OAuth 2.0/OIDC Mode: Create Policies (groups of Claims) first, then assign them to Roles

Note: Your authentication mode is chosen during environment setup in the Nodinite Portal. Once configured, use the assignment method appropriate for your mode. The Role functionality itself is identical in both modes.

Step 1: Add or manage Role

Click the Add/New button to create a new Role.

Here's an example of the 'Add/New' button for Roles.

Step 2: Name and configure the Role

Add essential information about the Role to ensure clarity and ease of management.

Mandatory Fields

• Name: Every Role must have a unique name. This name is used for selection in Log Views and Monitor Views.

  
  Example of an empty role where you must provide the Name.

Once populated in Windows mode, you can see what Users and Windows AD Groups are assigned to the Role. In OAuth 2.0/OIDC mode, you can see what Policies are assigned to the Role.

Example of a Role with assigned Users and Windows AD Groups.

Optional Fields

• Description: Add a description to clarify the purpose of the Role.

Step 3: Assign Role membership

The assignment method depends on your authentication mode:

Windows Authentication Mode

A System Administrator can add or remove:

• Zero or more Users to the Role
• Zero or more Windows AD Groups

To assign Users to the Role, click the Edit button:

Example: Assigning Users to a Role.

To assign Windows AD Groups to the Role, click the Edit button:

Example: Assigning Windows AD Groups to a Role.

OAuth 2.0/OIDC Mode

A System Administrator can add or remove:

• Zero or more Policies to the Role

Policies are groups of Claims (key/value pairs like department=finance or access_level=admin). When a user authenticates through your identity provider (Azure AD, Okta, etc.), their Claims are matched against Policy requirements. If the user's Claims match a Policy's requirements, they are dynamically assigned to that Policy's Roles.

To assign Policies to the Role, click the Edit button and select the appropriate Policies.

Example: A user with Claims department=finance and access_level=editor matches the "Finance Editor Policy" and is automatically assigned to the "Finance Editor" Role.

Next Step

Configure Permission Sets for the Role:

• Log View permission set
• Monitor View permission set
• Repository Model permission set

Related Topics

Permission Sets:

• Permission Set for Log Views
• Permission Set for Monitor Views
• Permission Set for the Repository Model

Windows Authentication Mode:

• Users
• Windows AD Groups
• Add or manage User

OAuth 2.0/OIDC Mode:

• Claims
• Policies

General:

• What is a Role?
• Log Views
• Monitor Views
• Access Management
• Add or manage Log View
• Add or manage Monitor View