--- title: Permissions description: Controlling access and permissions documentId: access-control-permissions locale: en-US --- Each product offers specific permission granularity, allowing you to have adequate control, limiting, when necessary, user actions and privileges. Access management is different in Sensedia Platform 4.x versions. Check [the documentation](/docs/en/ac-api-platform-guide:iam-users:roles). See more about permissions on this page for: - [Adaptive Governance and Developer Portal](#ag-devportal). - [API Management](#api-management). - [Integrations](/docs/en/integrations-guide:ROOT:permissions) (the link directs to a page in the Integrations user guide). ## Concepts - **Resource:** any entity of a product that can be protected, such as files, APIs, data, or functionalities. - **Permission:** determines if a specific action can be performed on a certain resource, such as create, delete, list, update, view, etc. - **Role:** set of permissions grouped based on specific functions (e.g., "Administrator", "Editor", "Reader"). Permissions are assigned to roles, and users inherit these permissions when associated with roles. **Practical example** I want some users to only view the [Data Streamings](/docs/en/ac-analytics-guide:ROOT:data-streaming) already configured in [Sensedia Analytics](/docs/en/ac-analytics-guide:ROOT:index), while others can, in addition to viewing, also create, edit, and delete Data Streamings. Create two [roles](/docs/en/policies): "Data Streaming Viewer" and "Data Streaming Editor". **Creating the "Data Streaming Viewer" role:** - On your Sensedia Platform home, click **Roles** in the menu located on the right sidebar. ![home screen with indication for the roles menu](https://creative-ball-51b3fc85c0.media.strapiapp.com/permissions_home_roles_e2628acf37.png) This screen may vary according to the Sensedia solutions you have. - Click the **+ Create Role** button, located in the upper right corner of the screen, to create a new role. ![roles screen with the create role button](https://creative-ball-51b3fc85c0.media.strapiapp.com/permissions_create_role_41c42fd921.png) - In **Role information**, fill in the name (do not use spaces) and, optionally, the role description. Click **Continue**. ![part of the overview screen with the role name filled in](https://creative-ball-51b3fc85c0.media.strapiapp.com/permissions_overview_new_role_80540cdd8f.png) - In **Assign Permissions**, search for "Analytics" and select only the "Data Streaming View" permission in "Data Streaming" and click **NEXT**. ![permissions screen with Data Streaming view permission selected](https://creative-ball-51b3fc85c0.media.strapiapp.com/permissions_data_streaming_view_4d181b8cf1.png) - In **Review**, review the role information and click **Create Role**. **Creating the "Data Streaming Editor" role:** - Repeat the same steps listed above to create the "Data Streaming Editor" role, but this time select the permissions: - "Data Streaming View" - "Data Streaming Create" - "Data Streaming Update" - "Data Streaming Delete" in "Data Streaming" ![part of the permissions screen with Data Streaming view, create, update and delete permissions selected](https://creative-ball-51b3fc85c0.media.strapiapp.com/permissions_analytics_editor_b9bb8e6313.png) Associate users to the created roles. - In **Roles**, locate one of the created roles and click **>** in the **Actions** column. ![roles screen with the actions button](https://creative-ball-51b3fc85c0.media.strapiapp.com/permissions_roles_actions_466d1615a2.png) - Click the **Users** tab and then click the **Assign User** button. ![users tab with the assign user button](https://creative-ball-51b3fc85c0.media.strapiapp.com/permissions_assign_user_f81c4263ac.png) - Select the desired users and click **+ Add 'n' Roles** ('n' is the number of selected users). ![assign user screen with the add roles button](https://creative-ball-51b3fc85c0.media.strapiapp.com/permissions_assign_user_add_2bc5b58c56.png) - Click **Assign Roles** to complete. - Repeat the same process for the other created role. Users who were associated with the "Data Streaming Viewer" role will only be able to view existing Data Streamings, while users who were associated with the "Data Streaming Editor" role will be able to create, edit, and delete Data Streamings. ## Adaptive Governance and Developer Portal - Make sure the user is associated with a role that has the necessary permissions to access the Adaptive Governance and/or Developer Portal resource. - In addition to [permissions for Adaptive Governance](/docs/en/permissions) and/or Developer Portal, you may also need to configure some permissions that are related to other products or resources. To access all functionalities related to the API catalog, both for Adaptive Governance and Developer Portal, **select the Connect Catalog permissions**, as well as the product's own permissions. ![width=60%, alt="permissions screen with Connect Catalog permission selected"](https://creative-ball-51b3fc85c0.media.strapiapp.com/permissions_connect_catalog_bdd8d3b60c.png) ## API Management (Sensedia Platform) In addition to permissions for API Management (Sensedia Platform) resources, you may also need to configure some permissions that are related to other resources. For example, to **view a list of APIs** in API Management (Sensedia Platform), the user must be associated with a role that has the permissions: - "API List" in "API Platform" and - "List Groups from User" located under "Users" in the "Access Control" permissions. ![width=60%, alt="Screen that shows how to add the List Groups from Users permission to view the API Catalog"](https://creative-ball-51b3fc85c0.media.strapiapp.com/permission_view_catalog_with_user_group_9ec585fdaf.png) See more details about the necessary permissions for each resource in the [API Management](/docs/en/ac-api-management-guide:ROOT:permissions) user guide.