"Access Control" is one of the modules included in the ROBIN platform, designed to manage users of the platform and customize their access rights to modules and objects (robots, machines, etc.) of the system. The module is available only to users with the "Access Rights Administrator" role.

You can restrict access to:

• Platform modules and applications:
  • "Access Control" module
  • "Orchestrator" module
  • Robin Process application
  • ROBIN Studio Enterprise application
  • ROBIN Player Enterprise  application
• Objects added to the platform's remote storage:
  
  • robot projects (the user publishes them to the repository himself via ROBIN Studio)

  • finished robots (the user publishes them to the repository via ROBIN Studio)

  • machines accounts - server or personal computer (the ROBIN Agent automatically transfers the machine data to the repository as soon as the client part of the platform is installed on the machine)

  • processes

  • robot start schedules (added to the storage when the user creates them via the Orchestrator module interface)

Users access rights to components and objects are delimited by tenants.

Tenants are some kind of multigroups, each of which has its own sets of objects, object groups, users and roles.

Each tenant has its own settings, access rights, and other aspects of process management. 

To access a tenant, a user must be added to it, and necessarily with one or more roles created in that tenant.

Also within a single tenant, you can more accurately differentiate user access to tenant objects by grouping them. The principles of grouping are as follows:

1. The administrator creates a group of objects in the tenant. Transfer objects to the group that not all tenant users can work with.
2. Creates a user group in the same tenant. Adds to the group only those users who are allowed to work with objects from the 1st point.
3. Gives the user group rights to the group of objects.
4. Users who are added to the tenant but not added to the group have access only to those tenant objects that are not allocated to the object group.
5. Users who are added to the tenant and additionally added to the group have access both to those tenant objects that are not allocated to the group and to the objects added to the object group.

By default, groups do not exist in tenant, they must be created separately (if necessary).