Role-Based Access Control
Role-Based Access Control enables large conglomerate organizations to deploy a single Azure tenant and map it to multiple Azure Security groups defined on the same tenant. The groups may logically represent Organization Active Directory attributes of the affiliated subsidiary of the conglomerate entity. For example, the R&D group. New customers are onboarded to represent each managed group. Live Platform access permissions can be assigned to each group on Azure. For example, the Customer operator permission is assigned to the R&D group. All members that are defined to R&D group as 'Direct Members' inherit the 'operator' permission. Upon logging into Live Platform, these users only view data (alarms, statistics and calls) associated with the M365 users that are mapped to this Security Group in the organization Active Directory. When they log into the Customer portal, M365 user data is filtered by a GetCsOnlineUser filter query matching the Active Directory attribute of the Security group. For example, Department -eq "R&D" is the matching query for the R&D Security group.