How to set up user access control using Tags?

By setting the user access level to "member", you will be able to control what they can do based on the type of Tags attached to their user profile.

Once you have created your Tags and attached them to the desired SIMs, you can start to use Tags for access control. If you still need to complete the previous two steps, you can find more information:

Setting up your Tags for access control

First step is to decide what kind of access do you want to give a user. 

edit-tag-writeAccess

Write Access Disable

This is the default setting when creating Tags and allows users to view information but not edit or add anything. Currently on the Platform the most detail a user can see is on the SIMs tab and the SIMs detail page. The "Activated" is displayed on the both pages to show status, but in this mode a user can not use the toggle.

SIMs Tab

member-sims

SIMs Detail Page

sims-details-member

In this mode on the platform a user can see network-whitelist names and number of countries and networks included in the list, while in connectors you can see the name and type of connector. For example:

Network-whitelist

member-networks

Connectors

member-connectors

Within the Dashboard and Usage tables, only usage occurring while a Tag is attached to a SIM. 

So, even if the SIM has used data while not being tagged, it will not show up on the records.

 

Caution: Usage information created by a SIM with a Tag is linked to that Tag. This means that adding a Tag to a SIM already activated will not include prior usage records before the Tag was attached to the SIM.

Furthermore, removing a Tag from a SIM will not remove the Tag from the usage records generated while the SIM had the Tag.

Note: Using the API you can use GET requests related to the items connected to the Tag. For example, the user above can still retrieve details of the "Americas" whitelist shown above. You read more about the different GET requests available in our Documentation.

Write Access Enabled

Enabling write-access on a Tag gives a user limited admin features. On the platform, a user with write access can update connectors, SIMs and network-whitelists that have the same Tag. They can also add new connectors and whitelists and attach them to a SIM.

Caution: A user with a write access Tag can still create new network-whitelists and connectors, even though they have not been given access to any of the ones that already exist.

Note: Using the API a user can use GET and PATCH requests related to the tagged items. A user can also use the POST requests to create new connectors and network-whitelists. For more information on how to use the API, see our Documentation. 

Adding a Tag to users

As seen at the start of the article, you can add a member user to a Tag when you create/edit it. You can also add it to a user when you create/edit a user. To do this, the user access needs to be set to "member".

user-edit-tag

Once the Tag has been added to the member user, they can start accessing the platform and API based on the access control you have set up in the Tag.

If you still have any questions or issues, you can write to support@onomondo.com