Home
Managing identities and users
Learn how to manage identities and users.
Granting additional permissions for identities and roles
To provide users with more access than the default Genetec ClearID™ permissions allow, an Account administrator can grant additional permissions to identities and roles.

About ClearID
Learn about the ClearID self-service physical access management solution.
What's new
Check out what's new in the latest update to ClearID.
Deployment preparation
Check your compatibility and deployment requirements.
Account configuration
Learn how to configure and customize the ClearID portal.
ClearID plugin
Learn how to download and install the plugin.
Managing identities and users
Learn how to manage identities and users.
- Creating identities
  To provision individual accounts separately from mass import and synchronization processes, an Account administrator can manually create identities in Genetec ClearID™.
- Identity fields
  The Genetec ClearID™ identity fields table is a comprehensive list of supported user attributes and their data formats. You can use these specifications to determine which fields are mandatory, pushed to Security Center, or available for custom provisioning rules.
- About identity custom fields
  Identity custom fields are user-defined properties that store additional information about identities in Genetec ClearID™, beyond the system’s default fields. Account administrators create and manage these fields in the ClearID web portal.
- Creating identity custom fields
  To collect and store additional information about identities in the Genetec ClearID™ web portal, Account administrators can create custom fields and synchronize them with Security Center.
- Managing permissions for account administrators
  To limit whether other administrators can view or manage users and systems in the Genetec ClearID™ portal, an Account administrator can manage their permissions.
- Granting additional permissions for identities and roles
  To provide users with more access than the default Genetec ClearID™ permissions allow, an Account administrator can grant additional permissions to identities and roles.
- Granting additional permissions for supervisors
  To allow supervisors to update identity profile information and access control settings for their team, an Account administrator can grant additional supervisor permissions.
- Managing additional permissions
  To ensure users have the correct level of access to manage identities and direct reports, an Account administrator can view and update additional permissions.
- Viewing identities
  To check access control status, verify supervisor assignments, or review general user information, an Account administrator can view identities in Genetec ClearID™.
- Modifying identities
  To update user information following personnel changes or to manage account activation states, an Account administrator can modify identities in Genetec ClearID™.
- Deleting identities
  To remove identities that were created in error or are no longer required for individuals leaving the organization, an Account administrator can delete identities in Genetec ClearID™.
- Synchronizing identity pictures with Security Center
  To manage identity and cardholder pictures in one place, Account administrators can set Genetec ClearID™ as the preferred data source for all cardholder pictures in Security Center.
- About webhooks
  Webhooks are user-defined HTTP callbacks that send automated notifications or data to third-party APIs when specific events occur in Genetec ClearID™. You can use webhooks to streamline cross-system workflows, such as automatically notifying stakeholders when an identity request is created or updated.
- Creating webhooks
  To notify external stakeholders when specific events occur, Account administrators can create webhooks in Genetec ClearID™ to integrate with third-party solutions APIs.
- Viewing webhook logs
  To troubleshoot unreceived notifications or other integration issues, third-party API owners or Account administrators can view webhook logs.
- Granting access to the web portal
  To provide users with access to the Genetec ClearID™ web portal, Account administrators can grant the required permissions.
- Viewing your profile
  To understand what information is stored in the system or to verify your current role memberships, you can view your profile in Genetec ClearID™.
- Viewing your site and area access
  You can use the Profile Access page to review your site and area access. This information helps you determine if you need to request more access in your main site or other sites.
- Setting request visibility for users
  To manage the types of requests that web portal users can make, Account administrators can change the request visibility settings in the Genetec ClearID™ web portal.
- About access request workflow
  An access request workflow is a series of activities performed by the system or authorized people during the life cycle of an access request. The activities can change the state and properties of access requests, affect other entities in the system, or wait for a condition to be met.
- Requesting access
  To request access for yourself, another identity, or a team member, you can use the Genetec ClearID™ self-service portal. By using a self-service portal with specified area managers, you can simplify the approval process and avoid delays from routing requests to the wrong approvers.
- Adding supervisors manually
  To help manage requests from your direct reports, Account administrators can manually add supervisors to the relevant identity profiles so that the supervisor approval workflow can be used.
- Viewing direct reports
  To check access control status, review general identity information, or conduct security reviews and audits, you can view your direct reports list in Genetec ClearID™.
- Managing direct reports
  To update general identity information, adjust area and role access, or delegate tasks, you can manage your direct reports in Genetec ClearID™.
- Transferring direct reports
  To reassign team members to a new hire or accommodate personnel changes, you can transfer direct reports in Genetec ClearID™.
- About direct reports report
  In Genetec ClearID™, a direct reports report is a list of identities of employees that report to a supervisor. The report includes information about direct reports, delegated direct reports, job titles, companies, and access control status.
- Resetting user passwords
  To regain access to your account when you cannot authenticate, you can reset your password.
- About email notifications
  Genetec ClearID™ sends email notifications to inform users about specific system events related to access, identities, roles, and visits.
- About delegation
  In Genetec ClearID™, delegation is the process of transferring Genetec ClearID™ tasks within your organization, for example, due to a vacation or sabbatical. Tasks may be transferred among site owners, area owners, area managers, role owners, role managers, supervisors, and visit event approvers.
- Delegating tasks to another user
  To temporarily transfer task responsibilities during a planned absence such as a vacation or sabbatical, an authorized owner, manager, or supervisor can delegate Genetec ClearID™ tasks to another user.
- About user activity report
  In Genetec ClearID™, a user activity report is an audit trail of all activities related to users. Each entry includes a timestamp, the type of activity performed, the user who initiated the action, and additional details such as the reason for the change.
- Viewing a user activity report
  To ensure your organization remains security-compliant and audit-ready, Account administrators can view the user activity report in Genetec ClearID™.
- User levels
  To verify which system actions are permitted for specific users and roles in Genetec ClearID™, you can review the user level matrices.
- About identity request workflow
  An identity request workflow is a series of activities performed by the system or authorized people during the life cycle of an identity request. The activities can create an individual identity, or multiple identities using a CSV import, and add each new identity to a role to inherit relevant access for a specified period.
- Creating an identity template
  To streamline frequent identity requests for contractors or large groups of employees requiring access to specific sites or buildings, Account administrators can create identity templates in Genetec ClearID™.
- About requesting identities
  To simplify the approval process for individual or bulk CSV identity requests, you can use the Genetec ClearID™ self-service portal with an optional approver workflow.
- Canceling identity requests
  To withdraw a submission that was made in error or is no longer needed, identity requesters can cancel a pending identity request.
- Approving identity requests
  To validate new submissions and grant system access, a Supervisor or designated approver can approve individual or bulk identity requests.
- Approving identities imported using a CSV file
  To approve identities imported into Genetec ClearID™ using a CSV file, a Supervisor or identity approver must review the pending requests and then decide which ones to approve.
- About identity requests report
  In Genetec ClearID™, an identity requests report is a list of identity requests for your ClearID account. The report includes information about the identity request date, requester, name, identity template, status, and reviewers.
- Checking the status of identity requests
  To ensure your organization remains security-compliant, audit-ready, and on time, Account administrators can check the status of identity requests.
Credential synchronization
Managing sites
Learn how to manage sites.
Managing visitors
Learn how to manage visit requests and access requests.
Managing areas
Learn how to manage areas.
Managing visitor watchlists
Learn how to manage visitor access using watchlists.
Role-based access control
Learn about role-based access control.
Connecting to other systems
Learn how to connect ClearID to other systems.
Visitor management devices
Learn about the ClearID Self-Service Kiosk mobile app that simplifies visitor management and check-in.
Troubleshooting
Troubleshoot common issues that can occur.
Additional resources
Need tech support or product information? Check out these resources.
Glossary

Granting additional permissions for identities and roles

2026-04-29

To provide users with more access than the default Genetec ClearID™ permissions allow, an Account administrator can grant additional permissions to identities and roles.

Procedure

From the Home page, click Administration > Permissions .
Click Add permissions.
In the Permissions dialog, select either Identities or Roles.
If you selected Identities, complete the following:
1. In the Identities field, enter up to 20 identities to grant extra access.
2. In the Permissions section, select the permissions to grant.
  
  View
  
  Access to view identities is granted by default.
  
  Manage
  
  Select Manage to allow users to modify identities.
  If the identity is synchronized with an external data source, changes can be overwritten during synchronization. Use Manage for identities added manually in ClearID.
3. In the Reason field, explain why the access is being granted.
If you selected Roles, complete the following:
1. In the Roles field, enter up to 20 roles to grant extra access.
2. In the Permissions section, select the permissions to grant.
  
  View
  
  Access to view identities is granted by default.
  
  Manage
  
  Select Manage to allow users to modify identities.
3. In the Reason field, explain why the access is being granted.
To submit your changes, click Add identities or Add roles.

The specified identities or roles now have the required permissions to view and manage identities.