docs.healthdata.beRoles and permissions
In the Self-Service Portal (SSP) application three roles are pre-defined with their own sets of permissions. An individual can be assigned to more than one role (e.g. DP Manager and Certificate Editor).
User Manager (manager)
The User Manager provides access to all organizations within their network (where applicable) using the HD4DP 2.0 installation. This role can create new organizations (groups) and add members to groups. They can also define the roles of these members.
⚠️ There should be at least 1 user manager per HD4DP 2.0 installation. The initial User Manager is assigned by healthdata.be services.
⚠️ This role may not manage certificates for installations, unless they are also defined as a Certificate Editor.
⚠️ The User Manager defines and creates organizations within the SSP and assigns DP Managers to them.
DP Manager (dp_manager)
This role allows a member to add new members to the groups of which they are the DP Manager. The DP Manager role is defined by the User Manager in the process of adding a member to a group.
⚠️ A member could be a DP Manager of one organization, but a regular member of another organization.
⚠️ Unless they are also defined as a Certificate Editor, a DP Manager is not allowed to manage certificates for installations.
Certificate Editor (certificate_editor)
This role allows a member to manage the p12 certificates for an organization. The Certificate Editor role is defined by the User Manager or DP Manager in the process of adding a member to a group.