Skip to main content

Functionality: Manage Developer Access

If you want to adhere to the control objective and resilience principles of least required and need to know principles which are key to control who has and can access what resources with which rights, then you can achieve this easily through the built-in authorization controls for the developers. This allows you to control fine grained on application level to provide each developer access to their relevant concern.

Pragmatic Approach

A good example for multi develops teams working on different projects is to assign the coarse grained privileges on the application level. This is often called coarse grained access control. You can do fine grained access control on detailed level but this is only advised when it is really necessary and working in larger complex teams. It is possible, we provide the control, but try to be pragmatic in these configurations.

Also always good thing to allow other to have read access to certain applications where they interface with or require insights, that they can go and look without changing or breaking things. From a security and resilience perspective in this eco-system it is better to have good oversight on the coarse grained authorization controls, than losing yourself in the complexity of the fine grained access controls.

We tried to have the balance between fine grained access topics and the relevant functional roles a developer or creator can be assigned to a project.

--

Application Developer Permissions

Available granularity of the access controls:

FeatureReadCreate/edit
Design systems
Dataformats
API’s
Actions
Dashboards: overview
Jobs: scheduled jobs
Data
Media
Templates
Versions

--

Workspace Permissions

  • Manage applications: havong control on the application administration
  • Manage workspace information: being able to reconfigure the metadata and other settings of an application
  • Manage users: identity and access management to the workspace and authorization control management
  • Manage billing: accounting control on the billing information of the workspace

How To

  • Step 1: Go to the "User" section in the platform.

image

  • Step 2: Navigate to the "Developer" tab.

image

  • Step 3: Click on the shield icon next to the developer’s name.

image

  • Step 4: Select the appropriate application(s) for that developer.

image

  • Step 5: Define fine-grained access controls for the application components.

When are authorizations assigned to users

  • When users authenticate to the NoCode-X platform they are being provisioned with the authorization controls.

  • When a user changes the operational context like switching between applications, the pertmissions are also verified.