Skip to main content

Managing users

This document explains the core concepts of user management in the Stonal platform. Understanding these concepts is crucial for effectively managing user access and permissions.

Concepts

Companies

Companies in Stonal represent organizational units that users belong to and play a role in asset access control.

A given company grants the user access to every asset it owns.

info

They are assigned to users via the company field.

Profiles

Profiles represent a functional scope within the system. They are primarily used for informational purposes and provide a high-level categorization of users.

Some applications will use profiles to control access rights, like Keep and Model for example.

info

They are assigned to users via the authorization.profile field.

Authorization Models (Application Groups)

Authorization models are the primary mechanism for defining the set of applications that a user can access.

info

They are assigned to users via the authorization.modelId field.

Regarding document storage

The document storage application access is granted via the PLATFORM application.

If a given application group contains the PLATFORM application and document storage is enabled on your organization, users assigned to this application group will be able to access the document storage application.

Permissions

Permissions provide fine-grained control over what specific resources and actions a user can access within the system.

List of currently available permission types:

  • ASSET

List of currently available permission ASSET subtypes:

  • PORTFOLIO
  • FACILITY
  • BUILDING_GROUP
  • BUILDING
info

They are assigned to users via the permissionUids field.

Authorization schema

Guides