Solution Security
Permissions-based User Access
The User Management (UMM) microservice allows administrators to create local users or get all contact center users and give them restricted access to the application. For instance, an agent can only view dashboards but a supervisor can create and manage dashboards and dashboard groups.
Each user that is logged into the Dashboard application gets authenticated by the UMM, which further checks its access permissions to segregate what the user can see after getting logged in. Please note that each user upon a valid login has access to view all dashboards in the admin application. However, any user can only make changes to dashboards if given the respective permission to do that.
Note:
- Currently, the permissions can only be granted on selective lists/entities. More granular permissions on the level of selective fields or certain data cannot be granted.
- The password reset option is not available for local users. If a local user has forgotten his password, he needs to request the admin to create a new account to get logged in.
- User-based access to selective dashboards is currently not available. That is, dashboards cannot be created or assigned to selective teams.
The application also allows administrators to create local user accounts for supervisors or/and agents with a user-defined password and username. Restricted permissions on the level of entities allow administrators to assign selective privileges to a particular group of users. For instance, allow call center agents to view all dashboards while restricting any edits, while allowing supervisors to create and manage dashboards on their own.
HTTP/S Support
The application supports HTTP and HTTPS. However, to run the application over HTTPS requires to get a domain-signed certificate from a valid CA.