Authorization
DirX Audit provides authorization at several levels and supports several application roles. This chapter provides information on how to manage application roles.
Managing Application Roles
DirX Audit supports the following application roles in DirX Audit Manager and REST services:
- Audit administrator – this role has full rights for an assigned tenant and full access to all DirX Audit Manager features. In particular, audit administrators can create public views that are visible to every common auditor.
- Auditor – this role is a common tenant auditor with access to all DirX Audit Manager features. An auditor can use public or product views and create private versions of these views that can be further modified. Private views and reports are visible only to the auditor who created them.
- Restricted auditor – this auditor role has restricted access rights. A restricted auditor can only run and schedule some reports, but cannot use the Dashboard, Audit Analysis and History views in DirX Audit Manager. In the Report view, a restricted auditor can see only reports that are tagged as Restricted. These reports typically require a parameter such as the organization or organizational unit. The parameter value is taken from the attributes of the auditor, which are retrieved during authentication from the associated LDAP directory or from the ID token provided by the OIDC provider (depending on the authentication method defined in the configuration for the tenant). The value of this parameter is used to further restrict the result of the SQL query, so that the report shows only audit events or history entries related to the auditor’s organization or organizational unit. Such restricted reports will fail with an error if those required parameters are not provided by the authentication process.
For details on report definitions, see the chapter “Customizing Reports” in the DirX Audit Customization Guide. Note in particular that the tag Restricted corresponds to the key item.tag.default.restricted. For an example, see the report definition EvnImportedUsersApplication_restricted and its SQL query defined with the EvnImportedUsersApplication report. Also note that the tag Administrative corresponds to the key item.tag.default.administrative.
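The restriction described for the Restricted auditor role, sketched as an added example (not DirX Audit's code or one of its report definitions): the attribute obtained at authentication is bound as a query parameter, and the report fails with an error when that attribute is missing. The table, column, attribute and function names are assumptions made for this illustration.

```python
import sqlite3


class MissingReportParameter(Exception):
    """Authentication did not supply an attribute the report requires."""


# Hypothetical restricted report: the schema and the attribute name
# "organization" are assumptions, not DirX Audit's data model.
REQUIRED_ATTRIBUTES = ("organization",)
RESTRICTED_REPORT_SQL = (
    "SELECT id, operation, organization FROM audit_events "
    "WHERE organization = :organization ORDER BY id"
)


def build_demo_db():
    """Create an in-memory table with constructed sample audit events."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE audit_events ("
        "id INTEGER PRIMARY KEY, operation TEXT, organization TEXT)"
    )
    db.executemany(
        "INSERT INTO audit_events (operation, organization) VALUES (?, ?)",
        [("AddUser", "Sales"), ("ModifyUser", "Finance"), ("DeleteUser", "Sales")],
    )
    return db


def run_restricted_report(db, auditor_attributes):
    """Run the report scoped to the attributes delivered by LDAP or the ID token.

    The value is never supplied by the report user and is never concatenated
    into the SQL text. A missing or empty attribute aborts the report instead
    of falling back to an unfiltered query.
    """
    params = {}
    for name in REQUIRED_ATTRIBUTES:
        value = auditor_attributes.get(name)
        if not isinstance(value, str) or not value.strip():
            raise MissingReportParameter(name)
        params[name] = value
    return db.execute(RESTRICTED_REPORT_SQL, params).fetchall()
```

Because the value is bound rather than interpolated, an attribute containing SQL syntax is compared as a literal string and matches no rows.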