Tenant Admin Console (TAC)
TAC - Tenant Admin Console is a part of the applications configuration - the successor of Admin Console. This part of configuration will cover all tenant related configurations.
Areas of documentation in TAC: |
|
Describes how to configure the approval levels for specific operations |
|
|
Describes how to create invitation templates for external and internal onboarding |
|
|
Examples of configuration of approval |
Describes the configuration of approval for following cases: |
|
Describe the work with Azure AD profiles - creating profiles for users and/or devices |
|
|
Describes the group management feature - creating groups, roles and assigning privileges |
|
|
Describe the email template tool - how to create templates for email communication |
|
|
Describe the application configuration feature - how to create and configure ANT ID applications or other types of applications (SAML, OPENID...) |
Privileges related to TAC - scope: MANAGEMENT |
|
Privilege key |
Topic |
Type |
Description |
|
approval view |
APPROVALS, MANAGEMENT |
READ |
Allow user to display approval configurations |
|
approval update |
APPROVALS, MANAGEMENT |
WRITE |
Allow user to update approval configurations |
|
onboarding ext update |
INVITATIONS, MANAGEMENT |
WRITE |
Allow user to update templates for external onboarding |
|
onboarding ext view |
INVITATIONS, MANAGEMENT |
READ |
Allow user to display templates for external onboarding |
|
onboarding ldap update |
INVITATIONS, MANAGEMENT |
WRITE |
Allow user to update templates for internal onboarding |
|
onboarding ldap view |
INVITATIONS, MANAGEMENT |
READ |
Allow user to display templates for internal onboarding |
|
group view |
MANAGEMENT, AUTHORIZATION |
READ |
Allow user to view groups of the tenant |
|
group update |
MANAGEMENT, AUTHORIZATION |
WRITE |
Allow user to update groups of the tenant (create, update, delete), also allow user with this permission to add roles from another tenant (if user has this privilege in tenant A, he can add roles from tenant A to groups of tenant B on tenant B) |
|
admin group view |
MANAGEMENT, AUTHORIZATION, PLATFORM |
READ |
|
|
admin group update |
MANAGEMENT, AUTHORIZATION, PLATFORM |
WRITE |
|
|
role view |
MANAGEMENT, AUTHORIZATION |
READ |
Allow user to view roles of the tenant - for the creation of the groups |
|
role update |
MANAGEMENT, AUTHORIZATION |
WRITE |
Allow user to update roles of the tenant (create, update, delete) |
|
admin role view |
MANAGEMENT, AUTHORIZATION, PLATFORM |
READ |
|
|
admin role update |
MANAGEMENT, AUTHORIZATION, PLATFORM |
WRITE |
|
|
privilege view |
MANAGEMENT, AUTHORIZATION |
READ |
Allow user to view privileges of the tenant - for the creation of the roles |
|
admin privilege view |
MANAGEMENT, AUTHORIZATION, PLATFORM |
READ |
|
|
notification view |
MANAGEMENT |
READ |
|
|
notification update |
MANAGEMENT |
WRITE |
|
|
notification publish |
MANAGEMENT |
READ |
|
|
app catalogue view |
MANAGEMENT, CONFIGURATION |
READ |
|
|
app catalogue create |
MANAGEMENT, CONFIGURATION |
WRITE |
|
|
app catalogue modify |
MANAGEMENT, CONFIGURATION |
WRITE |
|
|
app catalogue delete |
MANAGEMENT, CONFIGURATION |
WRITE |
|
|
profile update |
AAD, MANAGEMENT |
WRITE |
|
|
profile view |
AAD, MANAGEMENT |
READ |
|