Role & Permission Model

AppNavi has an easy-to-use but comprehensive roles and permissions concept. There are three main stages in this process:

  • Tenant
  • Workspace
  • Content

Users are always at the tenant level. A user can thus be authorized to different subscriptions. The user object itself, however, always belongs to a tenant. Content such as routes, posts, etc. is always assigned to a workspace and can only be used within a subscription.

Tenant OwnerA tenant owner has all the permissions to manage the whole tenant. For example, he can change tenant settings, create applications, workspaces and manage users. Moreover, the tenant owner has all the permissions of the underlying user roles.
OwnerA Workspace Owner has all the permissions to create users and manage content within the Workspace Users authorized for him. The owner does not have access to tenant settings or the right to manage applications.
ContributorThe contributor may create and edit content but may not make structural changes to the system. For example, the contributor can create, edit, or delete content such as a route or posts in different languages. However, he cannot add users or make changes to an application.
TranslatorA translator user cannot add applications or content, and cannot otherwise change content structures. A user in the Translator role only ever has access to the languages assigned to him and can thus translate content (e.g. routes, posts, etc.) in his area of responsibility.