Configure User Permissions

App Developer Portal for FHIR (FDP) uses role-based access control to ensure security and manage user actions. When you create an organization account, Smart Trading Cloud automatically creates the default groups, Administrators and Regular Users, to set user access levels. You can utilize these groups for implementing role-based access in FDP.

The access levels are defined by assigning roles to the groups. Each role contains a set of permissions that specify the actions that a user belonging to that group is allowed to perform. After you get the FDP subscription, Smart Trading Account Service provides you with the following service-specific roles with pre-defined permissions:

  • Administrator: Users can access and edit all the functions when logged in through https://fdp.edifecsfedcloud.com.

  • Super User: Users can update the client ID and the secret key against the application, change the application registration settings and the portal configuration, and edit any information on the portal. However, users cannot publish the portal when logged in through https://fdp.edifecsfedcloud.com.

  • Regular User: Users can edit information, add endpoints, and update the portal configuration but cannot update the client ID and the secret key or the application registration settings. The Registration Settings are not available to this user, and the overlay opens in the read-only mode. The client ID and the secret key of applications are not visible to this role. Also, users cannot publish the portal when logged in through https://fdp.edifecsfedcloud.com.

As an administrator user of the organization account, you can create and manage your own custom user groups in Smart Trading Account Service and assign the required service-specific roles to the groups. For more information on groups and roles, see the Work with User Groups.

To configure role-based access for FDP, you need to perform the following tasks in Smart Trading Account Service:

  1. Create a user group.

  2. Add users to the group.

  3. Assign a role for this user group.

  4. Associate the group role to the FDP.

Note: The changes that you make to the user groups and roles are immediately applied to the access permissions for users.

The image below illustrates the role-based access configuration in Smart Trading Account Service.