Roles and permissions

In the Self-Service Portal (SSP) application three roles are pre-defined with their own sets of permissions. An individual can be assigned to more than one role (e.g. DP Manager and Certificate Editor).

User Manager (manager)

The User Manager provides access to all organizations using the HD4DP 2.0 installation within their network (where applicable). This role can create new organizations (groups) and add members to organizations. They can also define the roles of these members.

⚠️ There should be at least 1 user manager per HD4DP 2.0 installation. The initial User Manager is appointed internally and shared credentials with by the healthdata.be services.

⚠️ This role may not manage certificates for installations, unless they are also defined as a Certificate Editor.

⚠️ The User Manager defines and creates organizations within the SSP and assigns DP Managers to them.

DP Manager (dp_manager)

This role allows for adding new members to the organizations of which they are the DP Manager. The DP Manager is defined by the User Manager in the process of adding a member to an organization.

⚠️ A member could be a DP Manager of one organization, but a regular member of another organization.

⚠️ Unless a DP Manager is also defined as a Certificate Editor, they are not allowed to manage certificates for installations.

Certificate Editor (certificate_editor)

This role allows a member to manage the p12 certificates for an organization. The Certificate Editor is defined by the User Manager or DP Manager in the process of adding a member to a group.