Users Roles and Rights
Users of the Ignisign platform
Users of the ignisign platforms are regrouped into two categories:
- The
Platform Usersthat are the users of the Ignisign's Signature Manager application. - The
End-Usersthat are the users that interact with your application.
Whole users, Platform Users and End-Users, are under your own sole control.
info
Strict Segregation of Users including Signers
Users are not shared within applications and organizations.
Your Users are your users.
So, if someone creates a signer with the same claims that one of your signer, he will be considered as another signer in its own environment.
Platform Userscan have roles in different organizations and applications. Roles are cumulatives.End Userare strictly associated to an application and a environment. AEnd-Usercould also be aPlatform Userin its own organization or in others.
Ignisign Roles
Ignisign is a complete platforms that allows to manage signature at scale. So, the platform is organized around different roles that can be associated to a User.
Hereunder is the list of roles that can be associated to a user in the Ignisign Platform.
| Name | User Type | Description |
|---|---|---|
| Organization Owner | Platform User | They have the control on each elements of the organization, their members and their applications. They have the right to archive the organization. |
| Organization Administrator | Platform User | They have the control on each elements of the organization, their members and their applications. They don't have the right to archive the organization. |
| Organization Billing | Platform User | They have the control on billing information of the organization, access to invoice and consumation of the API. |
| Organization Reader | Platform User | They are able to view summaries information of the organization and its applications. This right cannot be associated directly to a user. This right is associated to a user when he is added to an application that is under the control of the organization. |
| Application Administator | Platform User | They have the control on each elements of the application, their members and their environments. They have the right to archive the application. They have right to manage settings and customisation of the application. |
| Application Environment Manager (Per Environment) | Platform User | They access to management features of the application in the environment where the right is assigrated. They can generate API Keys , link Webhooks endpoint, create Signature Profile, document templates ... |
| Application Operator (Per Environment) | Platform User | They are able to manage signature requests into the Ignisign Signature Manager Application. Basically, they are operator that are able to initiate Signature Request, Signers and manage the life-cycle of related signatures. |
| Application Reader (Per Environment) | Platform User | They can view signature proofs (restricted signature proofs too), signature requests and signer summary information. |
| Signers | End-User | The End-User that will sign the document. He only have access to : Its own data, The signatures sessions that are associated to him, The signatures proofs that are related to him. |
| Invited Proof Readed | End-User | An End-User that own a link to access to a signature proof that have the access configuration set to SHARABLE. They can only view the signature proof. |
| Invited Document Provider | End-User | An End-User that has been invited throw email to provide a document related to a signature request (Document Request Mechanism). They can provide a document that will be added to the signature request ones completed. |
Ignisign Functions
Ignisign is functionnaly organized around main functions.
Hereunder is the list of Ignisign main functions regrouped by functional domain and component level.
| Ignisign's Fonction | Component Level | Functional Domain |
|---|---|---|
| Org. archiving | Organization | Administrative |
| Billing | Organization | Administrative |
| Org Member Management | Organization | Administrative |
| Delegation Agreement | Organization | Administrative |
| Org Basic Information | Organization | Administrative |
| App Customization | Application | Administrative |
| App Members Management | Application | Administrative |
| API Keys | Appl. Environement | Management |
| Webhooks | Appl. Environement | Management |
| Doc Template | Appl. Environement | Management |
| Signature Profile | Appl. Environement | Management |
| Signature Request | Signature Profile | Signature |
| Signers | Signature Profile | Signature |
| Signature Session | Signature Profile | Signature |
| Signature Proof | Signature Request | Signature |
| Provide Document | Signature Request | Signature |
Component level: Represent the main component of the Ignisign Platform that is impacted by the function.
Functional Domain: Regroupement of functions by domain.
IgniSign role and rights management
As a user of the Ignisign Platform, you can have different roles and rights depending on the function you are using.
Hereunder is the list of rights associated to each Ignisign function by user.
Platform Users rights
| Ignisign's Fonction | Org Owner | Org Admin | Org. Billing | Org User | App Admin | App Manager (Per Env) | App Operator (Per Env) | App Readed (Per Env) |
|---|---|---|---|---|---|---|---|---|
| Org. archiving | Read/Write | No | No | No | No | No | No | No |
| Billing | Read/Write | Read/Write | Read/Write | No | No | No | No | No |
| Org Member Management | Read/Write | Read/Write | No | No | No | No | No | No |
| Delegation Agreement | Read/Write | Read/Write | No | No | No | No | No | No |
| Org Basic Information | Read/Write | Read/Write | Read | Read | No | No | No | No |
| App Customization | Read/Write | Read/Write | No | No | Read/Write | No | No | No |
| App Members Management | Read/Write | Read/Write | No | No | Read/Write | No | No | No |
| API Keys | Read + Generate | Read + Generate | No | No | Read + Generate | Read + Generate | No | No |
| Webhooks | Read/Write | Read/Write | No | No | Read/Write | Read/Write | No | No |
| Doc Template | Read/Write | Read/Write | No | No | Read/Write | Read/Write | Read | Read |
| Signature Profile | Read/Write | Read/Write | No | No | Read/Write | Read/Write | Read | Read |
| Signature Request | Read/Write | Read/Write | No | No | Read/Write | Read/Write | Read/Write | Read |
| Signers | Read + Init | Read + Init | No | No | Read + Init | Read + Init | Read + Init | Read |
| Signature Session | No | No | No | No | No | No | No | No |
| Signature Proof (Restricted) | Read | Read | No | No | Read | Read | Read | Read |
| Signature Proof (Shared) | Read | Read | No | No | Read | Read | Read | Read |
| Provide Document (Invited) | No | No | No | No | No | No | No | No |
End-Users rights
| Ignisign's Fonction | Signers | Invited Proof Readed | Invited Document Provider |
|---|---|---|---|
| Org. archiving | No | No | No |
| Billing | No | No | No |
| Org Member Management | No | No | No |
| Delegation Agreement | No | No | No |
| Org Basic Information | No | No | No |
| App Customization | No | No | No |
| App Members Management | No | No | No |
| API Keys | No | No | No |
| Webhooks | No | No | No |
| Doc Template | No | No | No |
| Signature Profile | No | No | No |
| Signature Request | No | No | No |
| Signers | No | No | No |
| Signature Session | Execution | No | No |
| Signature Proof (Restricted) | Read | No | No |
| Signature Proof (Shared) | Read | Read | No |
| Provide Document (Invited) | No | No | Provide Document |