Create client roles
You can create client roles for client applications in 10Duke SysAdmin.
You can only use client roles with client applications connected using OAuth.
Before you start:
-
If you want to associate a client role with a specific client application, make sure the client application connection has been defined in SysAdmin.
-
Implement the enforcement of the client role and client permissions in your client application.
To create a client role:
-
In SysAdmin in the left sidebar, go to ROLES AND PERMISSIONS > Client roles.
-
Select Actions > Create. A dialog opens.
-
In Role name, define a name for the role. The name must be unique in the scope where the role applies (the system, or the client application if the role is associated with one).
-
In Description (optional), write a short description.
-
In OAuth 2.0 client (optional), select an OAuth client application to only apply the client role to that application.
-
Click Save to create the role.
-
In the client role table, select the new role. The details open below.
-
On the Role permissions tab, grant client permissions to the role.
Next steps:
-
You can assign the client role to users through the user’s account.
-
You can associate the client role with new or existing organization roles, which will inherit the client permissions of this role.