Security Features Security Rights
Security Features rights are selected from the Category drop-down on the Rights tab (CSM Administrator>Security>Edit Security Groups).
Right | Description (when
selected
![]() |
Grant To: |
---|---|---|
Advanced system settings? | Edit: Allows selected Users to edit advanced system settings. |
|
Audit log? |
Allows people working with the audit log in CSM Administrator to:
|
|
Credential Management? |
Allows people working with credentials in CSM Administrator to:
|
View/Run Only:
All rights:
|
In a Portal, can request a license to edit records owned by other Users? | Allow: Allows selected Users to request a license to edit records owned by other Users. |
|
License products? | Allow: Allows selected Users to provide Cherwell licenses into the system. |
|
Lock system so Users cannot log in? | Allow: Allows selected Users to lock the CSM system so that Users cannot log in (ex: During scheduled maintenance). |
|
Publish log? |
Allows people working with Blueprint publish logs to:
|
|
REST API client management? |
Allows users working with Rest API client keys to:
|
|
Role management? |
Allows people working with Roles to:
|
|
Run the Administrator tool? | Allow: Allows selected Users to run the CSM Administrator. |
|
SAML Cherwell Service Provider settings? | Edit: Allows selected Users to edit the service provider settings to configure CSM as a SAML Service Provider. |
|
SAML Identity Provider settings? | Edit: Allows Users to edit the identity provider settings to configure the SAML Identity Provider. |
|
Security group management? |
Allows people working with Security Groups in CSM Administrator to:
|
|
Security settings? |
Allows people working with Security settings in CSM Administrator to:
|
|
System settings? | Edit: Allows selected Users to edit default system settings in CSM Administrator. |
|
Team management? |
Allows people working with Teams in CSM Administrator to:
|
|
Twitter Account Management? |
Allows people working with their Twitter account in CSM Administrator and the Desktop Client to:
|
View/Add/Edit Only:
All rights:
|
Unlock a system that has been locked? | Allow: Allows selected Users to unlock a system that has been locked. |
|
View logged-in Users? | View: Allows selected Users to view logged-in Users. |
|