Roles and Permissions Help Information
OpenRMF® Professional has included roles and groups for permissions. Roles include things like Administrator, Editor, and Reader for general access into OpenRMF® Professional and your system package information. The Groups determine the system access.
OpenRMF® Professional is multi-tenant by design so you can only do and see what you are allowed to do. If you have no access to a system package or team subpackage, you never even see it listed. If you have reader access you can only view system package information.
OpenRMF® Professional uses Keycloak for its access control, authentication, and authorization functionality. Groups and roles for users as well as user profile information is saved inside Keycloak and logged/tracked accordingly.
How Roles and Permissions work in OpenRMF® Professional
There is more detailed information in the Security Help Area of the OpenRMF® Professional Help.
Auditing
All access control violations are inherently recorded in OpenRMF® Professional unless specifically turned off in the Settings. This includes the userId, the username, the service being requested and the path and data requested that was denied.