This documentation is for WSO2 Enterprise Mobility Manager 2.2.0. View documentation for the latest release.
Adding a Role and Permissions - Enterprise Mobility Manager 2.2.0 - WSO2 Documentation
                                                                                                                                                                                                                                                                                                                                                                                                                 
||
Skip to end of metadata
Go to start of metadata

Follow the instructions below to add a role:

  1. Sign in to the EMM console and click the  icon.
  2. Click USER MANAGEMENT > ROLES.
  3. Click ADD ROLE.
  4. Provide the required details and click Add Role.
    • Domain: Provide the user store type from the list of items.
    • Role Name: Provide the role name. 

    • User List: Define the users belonging to the respective role. Type the first few characters of the username and EMM will provide the list of users having the same characters. You can then select the user/s you wish to add.
  5. Define the permissions that need to be associated with the role you created by selecting the permissions from the permission tree.
    As the permissions are categorized, when the main permission category is selected, all its sub-permissions will get selected automatically. 

    For more information on the APIs associated with the permissions, see Permission APIs.

    PermissionsDescription
    Applications management

    You can install applications on devices registered with WSO2 EMM via the WSO2 App Manager store or you can install applications via the internal REST APIs that is available on WSO2 EMM. This permission ensures that a user is able to install and uninstall applications via the internal APIs that are available in WSO2 EMM.

    For more information on installing applications via the WSO2 Store, see Installing and Updating Mobile Apps.

    Certificate management

    WSO2 EMM supports mutual SSL, where the client verifies that the server can be trusted and the server verifies that the client can be trusted by using digital signatures.  This permission ensures that a user is able to add, modify, view and remove the client-side mutual SSL certificates.

    For more information on managing certificates with the WSO2 EMM console, see Working with Certificates.

    Configurations management

    The monitoring frequency is configured under the general platform configurations in WSO2 EMM. The EMM server uses this parameter to determine how often the devices enrolled with WSO2 EMM need to be monitored.

    This permission enables users to configure, update and view the general platform configurations in WSO2 EMM. In the general platform configurations, you need to define the monitoring frequent, which is how often the EMM server communicates with the device agent.

    For more information, see General Platform Configurations.

    Viewing the device statistics dashboard This permission enables you to access the device statistics dashboard and monitor devices. For more information on the permissions required to access the device statistics dashboard, see Configuring Permissions to Access the Device Statistics Dashboard.
    Manage Devices
    This permission enables you to view and manage all the devices registered with WSO2 EMM.
    Disenroll devices
    This permission enables you to disenroll or unregister Android and Windows devices.
    Enroll devices
    This permission enables you to enroll or register Android, iOS and Windows devices with WSO2 EMM.
    Device Operations
    WSO2 EMM offers various device operations based on the mobile platform. This permission enables users to view and carry out device operations on their devices. Expand the preferred platform and select the operations that need to be enabled for users that belong to the role you are creating.
    Platform configuration management

    In WSO2 EMM the settings can be customized for each platform. This permission enables you to maintain and customize the notification type, notification frequency, and the End User License Agreement (EULA) to suit the requirement of Android, iOS, and Windows mobile platform.

    For more information, see Configuring Platform Settings.

    View notifications

    The failure to carry out operations will be notified to the EMM administrator and the device owner. This permission enables you to view the notifications that were sent.

    For more information on how it works, see Checking Notifications.

    Manage policies

    In WSO2 EMM, you can define policies, which include a set of configurations. WSO2 EMM policies are enforced on the EMM users' devices when new users register with the EMM. The EMM policy settings will vary based on the mobile OS type.

    This permission enables you to add, modify, view, publish, unpublish and remove policies.

    For more information on working with policies, see Managing Policies.

    Manage roles

    WSO2 EMM allows you to create new customized roles. This permission enables you to add, modify, view and remove roles.

    For more information on working with roles, see Managing Roles.

    Manage users

    WSO2 EMM allows you to create and manage users. This permission enables you to add, modify, view and remove users.

    For more information on working with users, see Managing Users.

    Mobile application management

    You are able to create mobile apps in the WSO2 App Manager publisher that is available in WSO2 EMM. In order to create, publish, delete, install and update mobile applications the required permissions must be selected.

    To enable users to subscribe to applications and install an application on devices via the WSO2 App Manager store you need to select Subscribe that is under the Web App permissions.

    For more information see the sections given below:

  6. Click Update Role Permission.

To check out the minimum permissions required for user that is not an admin to register their deivce with WSO2 EMM, see Minimum Permissions to Register Android Devices.

  • No labels