Last updated
Was this helpful?
Last updated
Was this helpful?
Permissions define granular access rights to apps, services, data, environments and functionality within Appfarm Create.
Permissions are granted to which are in turn assigned to . You must configure permissions for each new role that you create so that end-users can access and use your apps.
Grant access to a given . You must assign this permission if you create a new app.
Grant access to a given .
If a service is run from a , the service account that triggers the schedule must have a role with access to the service.
If a service is run via a call from an external application, the holding the must have a role with access to the service.
If a user can run a service from within an app, they need a role with access to the service.
Select which data operations a role has access to, for each in your solution.
When you create a new object class, only the have access by default. So you must grant access to the appropriate roles.
Additionally, when you add a new role, they have no object class permissions at all, so you must grant the required permissions.
These permissions can also be configured when in your Global Data Model.
Best practice
Be restrictive, and don't grant permissions that a role doesn't need.
If you've created a custom role that needs access to Appfarm Create, that can also be granted under Login access.
Manage permissions for adding, updating, and deleting users, service accounts, and individual roles. This includes assigning and removing roles.
If you have functionality in your apps or services for adding, modifying, or deleting users, the appropriate permissions must be granted here.
Advanced permissions include privileges within Appfarm Create. Typically, you would only use these if you create a custom role which requires access to Appfarm Create.
These permissions allow you to tightly control which parts of Appfarm Create that role has access to. For example, to allow access to only one specific app or restrict deploying to Production.
Grant access to a given . For example, you might have a role for testing which only needs access to the Test environment.
This is also where you can grant a role the permission Update Secret from Service. This is required when you have a service run by a schedule that fetches an authentication token from an external API and stores that token in a .