These docs are for v16. The latest docs are for v33.

Granting User Permissions

PrivX users gain permissions from roles. Roles may allow their users to:

  • Access target hosts.

  • Approve/deny requests.

  • Manage connections.

  • View/Manage secrets.

  • Perform PrivX administration.

Members of a role automatically receive the permissions from their roles. In other words, users gain permissions by becoming members of roles. Users may become role members in either of the following ways:

  • The user is included in the role via rules (mapped users). For more information about configuring rules for roles, see Managing Roles.

  • The user has been approved as a member of the role (approved users). For more information about approval mechanisms, see Requesting and Approving Memberships.

All users automatically start as members of the privx-user role.

Note

For active PrivX users, permission changes take effect when their access token is refreshed. The interval is specified in /opt/privx/etc/oauth-shared-config.toml, by the setting access_token_validity.