Overview

The role-based access control system in sapio365 is based on permissions mapped to every action in sapio365.

Create custom roles by selecting only the permissions you need to delegate. The actions that you’ve chosen for the role can then be only enabled for a specific scope, or set of users, groups, and sites.

The roles you create, the scopes and role assignments, also known as the sapio365 RBAC configuration, are stored in a local encrypted database on your machine.

When you connect YOUR Azure Cosmos DB account to your sapio365 license, the local database synchronizes with the one in your Cosmos DB.

This allows delegated users to retrieve and take on assigned roles when they sign in to sapio365 on their own computers.

Set up sapio365 RBAC

  1. Create a Cosmos DB account

  2. Add tenant and on-prem Active Directory credentials

  3. Define custom roles

    1. EXAMPLE: Create a global admin role

  4. Add a scope of action

  5. Assign users or groups

Manage sapio365 RBAC

  1. Manage RBAC access

  2. Audit User Activity Logs

  3. Review Comment History

How to use a sapio365 RBAC role

If you have been assigned roles in sapio365's RBAC to give you specific access to tenants, sign into sapio365 using a Standard session, and you will see a list of roles available to you.

Click here to learn more about how to use sapio365 RBAC roles.