1. Security Guide
  2. Post Installation Configuration
  3. Configuring Administrator Permissions

Configuring Administrator Permissions

Administrator users for Retail Home must be assigned the following roles through the authentication provider for the environment:

  • RETAIL_HOME_ADMIN

  • PLATFORM_SERVICES_ADMINISTRATOR

All users for Retail Home must be assigned the PLATFORM_SERVICES_ADMINISTRATOR_ABSTRACT role. This role no longer grants administrator permissions but is required for all users due to a bug.

Two additional roles, RH_ROLE_REQUEST_ABSTRACT and RH_ROLE_REMOVE_ABSTRACT, control permissions for notification administration and need to be assigned to users as well.

The data privacy services require the DATAPRIV_ADMINISTRATOR_REST_API_ROLE to use and this must be assigned to appropriate users.

Non-Production Environments

In a non-production environment (for example, staging), Retail Home uses separate preproduction roles. These roles are identical to the production roles except for the addition of the _PREPROD suffix (for example, RETAIL_HOME_ADMIN_PREPROD). For these environments, users must be assigned the corresponding preproduction role for the cases listed above.