Authorizations let users perform specific tasks, such as creating shares, rebooting the ZFSSA, and updating the system software. Groups of authorizations are called scopes. Each scope can have a set of optional filters that narrow the number of the authorizations. For example, rather than authorization to restart all services, a filter can be used such that the authorization can restart only the HTTP service.