User Roles


Roles

This document outlines the roles available within the iotcomms.io platform and how users can assume or assign these roles. The primary purpose of these roles is to manage access to platform features within an organization, ensuring better control and security.

All developer portal features and API endpoints are restricted to specific roles. Understanding these roles and their permissions is essential for utilizing the full capabilities of the iotcomms.io platform while ensuring appropriate access control for each user.

Available Roles

  • admin

  • hybrid_admin

  • billing_administrator

Assuming Roles

There are currently two ways to assume a role on the iotcomms.io platform.

User-Assigned Roles

The first method is through direct role assignment to a user. A single user can be assigned multiple roles and will simultaneously assume all assigned roles.

To be assigned a role, a user must first sign up on the iotcomms.io platform. The sign-up process can be completed through the developer portal by visiting the login page and selecting the sign-up option. Users may also sign up using a Google account.

Currently, roles can only be assigned by the iotcomms.io team upon request from the organization. Requests typically take up to 48 hours to process.

API Key Roles

A recent update introduced the ability to assign user-owned roles to API keys. This feature has two key implications:

  1. If roles are specified during API key creation, they override the default behavior. By default, all API keys have admin permissions, meaning that API keys without assigned roles inherit full admin access. If a key is explicitly created with only the hybrid_admin role, it will have access only to that role's permissions and will lose admin-level access. If both admin and hybrid_admin permissions are needed, both roles must be assigned to the key.

  2. API keys can hold multiple roles, similar to users. This means that an API key will have access to all assigned role permissions when making API requests.

Important: Users can only assign roles they already have access to when creating API keys. Additionally, users cannot view API keys that include roles they do not have permission to access. However, once a key is created and shared within an organization, other users will gain access to the roles assigned to that key.
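The role rules above lend themselves to a periodic key review. The following Python sketch is an added example, not iotcomms.io code: it models the default-admin behavior, the creation rule, and the way a shared key extends roles to its holders. The record fields (id, roles, shared_with), the user names and the key inventory are assumptions constructed for illustration and do not reflect the provisioning API's schema.

```python
# Added example: models the API key role rules described on this page.
# Record fields ("id", "roles", "shared_with") are hypothetical, not the
# provisioning API's schema. All sample data below is constructed.
DEFAULT_KEY_ROLES = frozenset({"admin"})  # keys created without roles get admin


def effective_roles(key):
    """Explicit roles replace the admin default; they do not add to it."""
    roles = frozenset(key.get("roles") or ())
    return roles or DEFAULT_KEY_ROLES


def can_create(user_roles, requested_roles):
    """Only admin users create keys, and only with roles they hold themselves."""
    held = set(user_roles)
    return "admin" in held and set(requested_roles) <= held


def audit(keys, users):
    """Flag implicit-admin keys and roles a user gains through a shared key."""
    findings = []
    for key in keys:
        granted = effective_roles(key)
        if not key.get("roles"):
            findings.append((key["id"], "implicit-admin", None))
        for name in key.get("shared_with", ()):
            extra = granted - set(users.get(name, ()))
            if extra:
                findings.append((key["id"], "grants-extra-roles", (name, sorted(extra))))
    return findings


# Constructed inventory: who holds which roles, and who each key was shared with.
USERS = {"dana": ["billing_administrator"], "eli": ["admin", "hybrid_admin"]}
KEYS = [
    {"id": "key-ci", "roles": [], "shared_with": ["dana"]},
    {"id": "key-hybrid", "roles": ["hybrid_admin"], "shared_with": ["dana", "eli"]},
    {"id": "key-both", "roles": ["admin", "hybrid_admin"], "shared_with": ["eli"]},
]

if __name__ == "__main__":
    for finding in audit(KEYS, USERS):
        print(finding)
```

Keys reported as implicit-admin are candidates for recreation with an explicit, narrower role list.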

Creating an API Key

To create an API key, either visit the API Access Keys section in the developer portal or make an HTTP request using the API Keys PUT method of the provisioning API. Only users with the admin role can create API keys.

Role-Based Feature Access

Each role grants access to specific features and APIs within the iotcomms.io platform.

Admin

The admin role provides extensive access to service APIs and service configurations. It grants access to the following APIs:

Additionally, this role provides access to key developer portal features, including:

Hybrid Admin

The hybrid_admin role is responsible for managing hybrid deployments.

This role provides access to:

Billing Administrator

The billing_administrator role is used for accessing detailed billing information.

Users with this role can:

  • Navigate to the Billing Statements view

  • Download monthly billing statements, which provide a detailed breakdown of service charges for each billing period

These statements include granular insights into how services were billed in the respective months.

Use Case Scenarios

  • Admin Role

    Used by platform administrators who need full access to manage services, APIs, and configurations.

  • Hybrid Admin Role

    Assigned to teams managing hybrid deployments, ensuring proper integration and oversight.

  • Billing Administrator Role

    Given to finance or accounting personnel for reviewing and managing billing details.

Role Comparison Table

Role          | API Access | Portal Access | Key Responsibilities
Admin         | Full       | Full          | Service & API Management
Hybrid Admin  | Limited    | Hybrid Sites  | Hybrid Deployment Management
Billing Admin | None       | Billing       | Billing & Financial Oversight

Security Best Practices

  • Assign roles based on necessity to ensure minimal access permissions.

  • Regularly review role assignments to prevent unnecessary access.

  • Avoid sharing API keys publicly; distribute them securely within the organization.