Authorization

The Authorization section allows you to define and manage access control across your organization using Splight's Role-Based Access Control (RBAC) system. Roles determine what users and systems can access and perform within the platform, ensuring that permissions are aligned with your operational and security requirements.

Splight’s RBAC implementation provides a flexible and secure way to manage access at scale.

Role Types

Splight supports two types of roles:

  • Built-in Roles These are system-defined roles provided out-of-the-box for common use cases:

    • Admin – Full access to all platform features, including user and role management.

    • Editor – Can view and modify data and settings, but cannot manage users or roles.

    • Viewer – Read-only access to platform data and dashboards.

    Built-in roles cannot be modified, making them ideal for standard access configurations.

  • Custom Roles Admins can define Custom Roles tailored to the specific needs of their organization. These roles are composed of custom permissions that define granular access rules.

Custom Permissions

A custom permission defines a specific access rule and consists of the following elements:

  • Name – A descriptive identifier for the permission.

  • Effect – Either allow or deny, specifying the intent of the permission.

  • Resource or Service – The part of the platform the rule applies to (e.g., asset, file, organization, etc.).

  • Action – The operation being controlled (e.g., create, read, update, delete).

Custom roles are simply collections of these permissions and can be assigned to any user within the organization. Only users with the Admin role can create custom roles and assign them to users or service accounts.

This model gives your organization complete control over who can do what across the Splight platform.

Managing Roles

In this section, you can:

  • View a list of all roles—both built-in and custom—along with their type and creation date.

  • Click on any role to inspect its assigned permissions and the resources it affects.

  • Create new custom roles using the New Role button (admin-only).

  • Assign roles to users and service users as needed.

Roles provide a scalable and auditable way to manage access and responsibilities across teams and integrations.

Single Sign-On (SSO)

Splight supports Single Sign-On (SSO) integrations for organizations that require centralized identity and access management.

  • SSO Support: We support any identity provider compatible with Auth0's SSO ecosystem.

  • Setup Process: To enable SSO for your organization, please contact your Implementation Manager. They will guide you through the setup and configuration process.

SSO allows for seamless login experiences, automatic role assignment via SAML claims, and improved security compliance.

If you have complex permissioning needs, our team can help design a secure access model tailored to your workflows. Reach out to your Implementation Manager for support.

PreviousUsersNextDelegated Identities

Last updated

Was this helpful?