Overview

Identity Access Management allows you to create and manage users with specific roles and permissions to manage access to their CPaaS account’s resources.

You can create users with different roles under your Account.

To access assigned resources via the available CPaaS APIs, each user can create API Access Keys. Those are long-term credentials for an IAM user. Access keys consist of two parts: an access key ID and a secret access key.

Accounts and Users that have been migrated from the legacy to the new Identity Access Management functionality do not have to perform this step. Their API keys are automatically generated during the migration process.

Like a username and password, users must use both the Access Key ID and the Secret Access Key together to authenticate API requests. Manage Access Keys as securely as would be done for username and password.

When users create an Access Key pair, they need to save the access key ID and secret access key in a secure location. The secret access key is available only once, at the time of creation. If a secret access key is lost, it must be deleted and a new one should be created.

Users can create, modify and delete their access keys and have a maximum of two access keys at any given time. This allows users to rotate the active keys according to security best practices.

Your Account

When your Account is created, an Administrator User will be generated. Through this User, you can create more Users and enable or disable access to Platform or Turnkey Application resources.

User Roles

Your users can have any of the roles below:

Administrator
Developer
Turnkey Applications Administrator
Turnkey Applications Developer

User Permissions

The user permissions represent the level of user access to various Platform and Turnkey Applications resources.

Understanding the User Roles and Permissions

The table below specifies the various User roles and their corresponding permissions.

Capability Availability at that Account Hierarchy Level

Administrator

Developer

Turnkey Applications Administrator

Turnkey Applications Developer

Platform Resources

Account Settings

Yes

read only

no access

API Credentials

Yes

read/write

no access

Audit API

No

no access

Feature Access Control Management

No

no access

User Management

Yes

read/write

no access

read/write

no access

Role Access

Yes

- Business Customer Administrator
- Business Customer Developer
- Business Customer Turnkey Applications Administrator
- Business Customer Turnkey Applications Developer

no access

- Business Customer Turnkey Applications Administrator
- Business Customer Turnkey Applications Developer

no access

Whitelabeling Settings

No

no access

BYOC Settings

No

no access

Manage Enterprise Accounts

No

no access

Communications Partner Organization/Account Management

No

no access

Turnkey Applications Enablement Management

No

no access

Manage Applications

Yes

read/write

no access

Manage Numbers

Yes

read/write

no access

Manage SIP/WebRTC Clients

Yes

read/write

no access

P. SMS

Yes

read/write

no access

P. Voice

Yes

read/write

no access

Call Logs

Yes

read only

no access

SMS Logs

Yes

read only

no access

SMS Logs Content

Yes

read only

no access

Recordings

Yes

read/write

no access

Recordings Content

Yes

read only

no access

Usage

Yes

read only

no access

Notifications

Yes

read only

no access

OutgoingCallerIDs

No

no access

Visual Designer

Yes

read/write

no access

Turnkey Applications

Auto Attendant

AA-Provisioning (GET, POST, PUT, DELETE)
AA-Announcement (CSP_ADMIN or SUPER_ADMIN or BG_ADMIN or AA_ADMIN)
AA-Menu
AA-Schedule

read/write

no access

read/write

AA-System(CSP_ADMIN or SUPER_ADMIN) AA-Phone Number AA-Single Sign On

read only

no access

read only

AA- Usage Records

read only

no access

read only

AA-Enterprise And User

read only

no access

read only

AA-Search and Usage record all endpoints all levels

no access

Number Masking

NM-Provisioning(GET, POST, PUT, DELETE)
NM-User (CSP_ADMIN or SUPER_ADMIN or ENTERPRISE_ADMIN)
NM-Application
NM-Context
NM-Interaction
NM-Masked Number
NM-Participant
NM-Phone Number

read/write

no access

read/write

no access

NM-Usage records

read only

no access

read only

no access

NM-Enterprise And User

read only

no access

read only

no access

NM- Search and Usage record all endpoints all levels

no access

Task Router

TR-Provisioning (GET, POST, PUT, DELETE)
TR-Workspace
TR-WorkFlow
TR-TaskQueue
TR-Activity
TR-Worker
TR-Reservation
TR-Task

read/write

no access

read/write

no access

TR-Usage Records

read only

no access

read only

no access

TR-Enterprise And User

no access

TR- Search and Usage record all endpoints all levels

no access

Smart 2FA

2FA-Traffic
send/verify/cancel

read/write

no access

read/write

no access

2FA-Limit Provision
2FA-WorkFlow provision

read/write

no access

read/write

no access

2FA-Usage Records

read only

no access

read only

no access

2FA-Search and Usage record all endpoints all levels

no access

Campaign Manager

Campaign Manager-Provisioning (GET, POST, PUT, DELETE)
Enterprise
Users
Enterprise Credit

no access

Campaigns (GET, POST, PUT, DELETE)

read/write

no access

read/write

no access

Usage records

read only

no access

read only

no access

Search and Usage Records
All endpoints all levels

no access

API Definition

Getting Started with the Identity Access Management API

Identity Access Management Overview

Overview

Your Account

User Roles

User Permissions

Understanding the User Roles and Permissions

API Definition