Home
Role-based access control
Learn about role-based access control.
Adding roles
Before you can configure your role-based automatic access control policies, you must define your roles.

About ClearID
Learn about the ClearID self-service physical access management solution.
What's new
Check out what's new in the latest update to ClearID.
Deployment preparation
Check your compatibility and deployment requirements.
ClearID plugin
Learn how to download and install the plugin.
Managing identities and users
Learn how to manage identities and users.
Credential synchronization
Managing sites
Learn how to manage sites.
Managing areas
Learn how to manage areas.
Managing visitors
Learn how to manage visit requests and access requests.
Managing visitor watchlists
Learn how to manage visitor access using watchlists.
Role-based access control
Learn about role-based access control.
- About role-based access control
  Role-based access control uses identities with various attributes to automatically manage access control. Defining provisioning policies ensures that people in your organization always have up-to-date access permission levels. If an employee changes job title, department, or moves to a different site, the system automatically adjusts their access when their identity attributes are changed.
- Adding roles
  Before you can configure your role-based automatic access control policies, you must define your roles.
- Configuring role managers
  Role managers are composed of two distinct roles: role owners and role managers. Before you can define policies for a role or add or remove identities from a role, you must assign one or more employees as role managers.
- Configuring role-based access control policies
  To ensure that people in your organization always have up-to-date access permission levels, you can define provisioning policies that automatically assign people to specific roles based on their identity attributes. If an employee changes job title, department, or moves to a different site, the system automatically adjusts their access.
- Adding custom provisioning attributes to an identity
  When the default Genetec ClearID™ policy attributes do not meet your needs, you can manually assign custom provisioning attributes to an employees identity record. These attributes can then be used in a role-based access control policy.
- Adding role members
  To add role members who do not fit the default role-based provisioning policy criteria, you must add them manually.
- About role activity report
  In Genetec ClearID™, a role activity report is an audit trail of all activities related to roles. The report includes timestamp information, activity type, who activity was performed by, and a details section including reason information.
- Viewing a role activity report
  As an Account administrator, Role manager, or Role owner, you can view an audit trail of role-related activities such as timestamp information, activity type, who performed the activity, and more.
Connecting to other systems
Learn how to connect ClearID to other systems.
Visitor management devices
Learn about the ClearID Self-Service Kiosk mobile app that simplifies visitor management and check-in.
Troubleshooting
Troubleshoot common issues that can occur.
Additional resources
Need tech support or product information? Check out these resources.
Glossary

Adding roles

2024-02-01

Before you can configure your role-based automatic access control policies, you must define your roles.

Before you begin

Familiarise yourself with role-based access control.

What you should know

In Genetec ClearID™, a role is a group of people who are assigned the same access. A person can be assigned multiple roles. Roles are linked to cardholder groups in Synergis™. A role manager controls who is granted access to the group.

Only account administrators can add roles.
Consider creating roles for each department, group, or job title in your organization. For example, you might create roles for HR, IT, marketing, developer teams, payroll, contractors, and so on.

Procedure

From the homepage, click Organization > Roles .
Click Add role.
In the General section, complete the fields.
1. Enter a name for the role.
2. Enter a meaningful description.
3. Add any internal notes.
Note:
The internal notes field is used to store special instructions or details only visible to the account administrator, role owner, and role manager. Other users of the system cannot view internal notes. For example, the internal notes field could contain the following:
Only permanent employees based in Montreal should be in this role. Discuss with security before adding employees to this role.
(Optional) In the Notifications section, Select the notifications options that you require.
Click Save.

Example

After you finish

Configure your role-based access control policies.