Privileges

managing privileges the privileges a user has determine which resources the user can access/modify and which parts of the frontend are accessible docid\ jnwkrvq1b0wph9p7k2ipx , so the privileges of a user depend on the groups they are a member of available privileges almost every endpoint that requires authentication also needs the user to have a certain privilege to authorize them to access or modify a resource below is a general overview of what you can access/modify with which privileges all privileges group certain aspects of factry historian together and are split into a read and manage privilege measurements view/manage measurements and calculations query time series data of the measurement view measurement logs view/manage measurement labels export measurement data to parquet it’s recommended to at a minimum also include read privileges for time series databases and collectors, otherwise the frontend might not work as expected collectors view/manage collectors view collector logs time series databases view/manage time series databases view available time series database types external databases view/manage external databases assets view/manage assets view/manage asset properties it’s recommended to at a minimum also include read privileges for event configurations, otherwise the frontend might not work as expected events view/manage events view/manage manual entries event configurations view/manage event types view/manage event type properties view/manage event configurations view/manage event property configurations organizations view/manage organizations users view/manage users view/manage user and service tokens user groups view/manage user groups view/manage user group privileges view/manage user group membership view/manage authentication provider to user group mapping privileges view/manage available privileges audit logs view audit logs audit logs can not be managed via the frontend nor via the api logs view application logs logs can not be managed via the frontend settings view/manage authentication providers view/manage settings view/manage worker pools/tasks sinks view/manage sinks view/manage forwarders task schedulers view/manage task schedulers prototypes view/manage prototypes authentication providers and server wide settings can only be managed if you have the manage settings privilege in the docid\ odmadpifqlvqbpgfarnxi pre defined sets of privileges these pre defined sets of privileges are used when creating the default groups for an organization administrator read and manage measurements read and manage collectors read and manage time series databases read and manage assets read and manage events read and manage event configurations read users read and manage user groups read and manage privileges read audit logs read and manage settings read and manage external databases read and manage sinks/forwarders read and manage task schedulers read and manage prototypes read statistics manager read and manage measurements read and manage collectors read and manage time series databases read and manage assets read and manage events read and manage event configurations read and manage external databases read and manage sinks/forwarders read and manage task schedulers read and manage prototypes read statistics reader read assets read collectors read event configurations read events read measurements read time series databases read manual entry forms read external databases read sinks read task schedulers read statistics collector read and manage measurements read and manage collectors