Basics
Understanding app roles and app role templates
What are App Roles?
App roles are assignments given to management users that define their role and permissions within specific applications or templates. Each app role consists of:
- App name: The name of the application (e.g., "study-nurse-portal", "admin-ui")
- Role: The specific role the user has in that application (e.g., "nurse", "data-manager")
Administrators can assign multiple app roles to a management user. App roles serve two main purposes, both described under Use Cases below:
- Access control for applications: Specialized tools and applications can use app roles to control which modules and actions a user can access.
- Permission templates: App roles can bundle commonly needed permissions, making it easier to assign standard permission sets to users.
What are App Role Templates?
App role templates are pre-configured blueprints that administrators create to standardize app role assignments. A template defines:
- App name: The application this template applies to
- Role: The role name within that application
- Required permissions: A list of permissions that users with this role need to perform their tasks via the Management API. The core system’s Management API uses permissions to authorize actions on resources.
When an app role template is assigned to a management user, they receive both the app role assignment (app name and role) and all the associated permissions defined in the template.
Use Cases
Access Control for Extra Applications and Tools
Extra applications can check a user's app roles to determine access to specific features and modules. For example:
- A "study-nurse-portal" application might have modules for different user groups (nurses, data managers)
- Even when both groups hold similar permissions, the feature modules each group can access can differ
Permission List Templates
Within the base system, certain user groups typically need a standard set of permissions. App role templates simplify this:
- Administrators no longer have to select dozens of individual permissions manually for each new user
- Instead, they assign a template (e.g., "study-manager" or "admin-ui") that automatically grants all necessary permissions
- This ensures consistency and reduces the chance of missing critical permissions
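The following sketch ties together the template assignment described under "What are App Role Templates?" and the module gating described under "Access Control for Extra Applications and Tools". It is an added example, not code from the system itself: the class and function names, the module names, and the modelling of a permission as a (resource, action) pair are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Hypothetical model: every class, function and permission name here is an
# assumption. A permission is modelled as a (resource, action) pair.
@dataclass(frozen=True)
class AppRoleTemplate:
    app_name: str
    role: str
    required_permissions: frozenset

@dataclass
class ManagementUser:
    name: str
    app_roles: set = field(default_factory=set)    # {(app name, role)}
    permissions: set = field(default_factory=set)  # {(resource, action)}

def assign_template(user, template):
    """Grant the app role and every permission the template bundles."""
    user.app_roles.add((template.app_name, template.role))
    user.permissions |= template.required_permissions

def visible_modules(user, app_name, module_map):
    """Extra-application side: gate feature modules on app roles only."""
    roles = {role for app, role in user.app_roles if app == app_name}
    return sorted(m for m, allowed in module_map.items() if roles & allowed)

def api_authorized(user, resource, action):
    """Management API side: decide on permissions, never on app roles."""
    return (resource, action) in user.permissions

# Constructed sample data for the "study-nurse-portal" example app.
PORTAL_MODULES = {"participant-visits": {"nurse"}, "data-export": {"data-manager"}}
SHARED = frozenset({("participants", "read"), ("responses", "read")})
NURSE = AppRoleTemplate("study-nurse-portal", "nurse", SHARED)
DATA_MANAGER = AppRoleTemplate(
    "study-nurse-portal", "data-manager", SHARED | {("responses", "export")})

def demo():
    alice, bob = ManagementUser("alice"), ManagementUser("bob")
    assign_template(alice, NURSE)
    assign_template(bob, DATA_MANAGER)
    return alice, bob

if __name__ == "__main__":
    for user in demo():
        print(user.name, visible_modules(user, "study-nurse-portal", PORTAL_MODULES),
              api_authorized(user, "responses", "export"))
```

An app role assigned without its template leaves the permission set unchanged, so in this model a user can see a module in the extra application and still be refused by the Management API.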