Role-Based Access Control (RBAC) Implementation Guide
Last updated – April 10, 2026
This page, as of NetSpeek platform version 1.1, describes the permissions of the platform-provided default roles in the table below. There are 6 roles, defined as Owner, Administrator, Manager, Operator, Analyst, and Viewer.
| Permission | Description | Owner | Administrator | Manager | Operator | Analyst | Viewer |
| Identity and Access Management | |||||||
| Users:ReadSelf | View own profile and settings | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Users:WriteSelf | Update own profile and settings | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Users:ReadSelf | View other users | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ |
| Users:Write | Create / Update other users | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ |
| – | – | – | – | – | – | – | – |
| Roles:Read | View roles | ✅ | ✅ | ✅ | ❌ | ✅ | ❌ |
| Roles:Write | Manage roles | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ |
| Roles:Assign | <tbd> | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ |
| – | – | – | – | – | – | – | – |
| Permissions:Read | View permissions | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ |
| – | – | – | – | – | – | – | – |
| Tenants and Context | |||||||
| Customers:ReadSelf | View current tenant details | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Customers:WriteSelf | Update current tenant details | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ |
| Customers:Read | View child tenants | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ |
| Customers:Write | Manage child tenants | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ |
| – | – | – | – | – | – | – | – |
| Context:Switch | Switch tenant context | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| – | – | – | – | – | – | – | – |
| Location Management | |||||||
| Locations:Read | View location entities | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Locations:Write | Manage location entities | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ |
| – | – | – | – | – | – | – | – |
| Endpoints and Devices | |||||||
| Devices:Read | View devices | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ (??) |
| Devices:Write | Create / Edit devices | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ |
| – | – | – | – | – | – | – | – |
| Endpoints:Read | View endpoints | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Endpoints:Write | Manage endpoints | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ |
| Endpoints:Action | Dispatch actions to devices | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ |
| – | – | – | – | – | – | – | – |
| Integrations | |||||||
| Integrations:Read | View integrations | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ (??) |
| Integrations:Write | Manage integrations | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ |
| – | – | – | – | – | – | – | – |
| Lena and Reports | |||||||
| Lena:Chat | Chat with Lena | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Reports:Read | View reports (Room Check results) | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
| – | – | – | – | – | – | – | – |
| Room Checks | |||||||
| RoomChecks:TargetState.Read | View Room Check target states | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| RoomChecks:TargetState.Write | Manage Room Check target states | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ |
| RoomChecks:Schedule.Read | View Room Check schedules | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| RoomChecks:Schedule.Write | Manage Room Check schedules | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ |
Notes:
As of platform version 1.1, there are no exposed differences between Owner and Administrator. Future plans for the RBAC featureset will provide separation between these roles – discuss these plans with NetSpeek Sales Engineering if of interest.