Default User Roles and Permissions

SIGN+ offers a set of predefined roles designed to simplify user management, enforce security policies, and ensure that each user has access only to the resources and functions their role requires. These roles are critical in maintaining the integrity of the system, ensuring proper access controls, and facilitating smooth operations across different user types.

The following roles are created by default within SIGN+:

  1. SIGN_Managers
    • Purpose: The SIGN_Managers role is designed for users with managerial responsibilities within SIGN+. These users oversee signing policies, manage user roles, and have access to audit logs to monitor and review the platform's usage.
    • Permissions:
      • Full access to all signing-related resources.
      • Ability to create and modify signing policies.
      • Ability to manage and assign roles to other users.
      • Access to audit trails, usage metrics, and reports.
  2. SIGN_Dev_Build_Users
    • Purpose: The SIGN_Dev_Build_Users role is meant for users who require signing capabilities as part of the development and build processes. These users primarily work with code and build artifacts that need to be signed to ensure integrity and authenticity.
    • Permissions:
      • Access to development and build signing functionalities.
      • Ability to manage personal certificates for code signing.
      • View-only access to signing policies and configuration settings.
  3. SIGN_Individual_Users
    • Purpose: The SIGN_Individual_Users role is for end users who need basic signing capabilities. These users typically sign documents or assets in the system but do not have any administrative or development responsibilities.
    • Permissions:
      • Basic signing capabilities for documents and files.
      • Access limited to signing assets assigned to them or their projects.
      • No access to user management, policy editing, or audit logs.
  4. SIGN_API_Users
    • Purpose: The SIGN_API_Users role is intended for users or applications that interact with SIGN+ programmatically through APIs. This role is essential for automation or integration with other systems, letting users build SIGN+ capabilities into their own applications.
    • Permissions:
      • Access to SIGN+ API endpoints based on predefined API permissions.
      • Limited signing capabilities through API for designated assets.
      • No interactive access to the SIGN+ UI.

Each of these roles comes with specific permissions tailored to their intended use cases, ensuring that users can perform their responsibilities effectively.