In this article, you'll learn how to manage who has access to your Kio Cloud account and their permissions. User permissions are managed by the role assigned to each user - a role is a collection of permissions that allows users to perform specific actions within your Kio Cloud account.
For details on the current Users app, see Getting started with user management.
Topics include:
Users are anyone that requires access to your Kio Cloud account and each user is assigned to a role. A user is identified by their email address and their email address can only be associated with one Kio Cloud account.
There are three available roles within the legacy Users app. These roles define the permissions to user management and managing device-level access within Device Management 2.0.
The following diagram is a high-level view of how the roles are related, which is a parent-child structure.
-
Superuser role: the parent to all roles (account owner/supervisor).
When a new Kio Cloud account is created, who created the account is assigned to the Superuser role.
This role can add users and assign them to the Admin role, and manage all devices.
You can only have one user assigned to the Superuser role.
-
Admin role: a child (sub-account/manager) to the Superuser.
An Admin user has permission to add new users and manage the users' device-level access from Device Management 2.0.
You can have one to multiple users assigned to the Admin role.
-
Operator role: a child (sub-account) to an Admin user.
An Operator user is created by a user assigned to the Admin role.
A user assigned to the Operator role cannot add or manage users and are granted device-level access by the Admin that added them to your Kio Cloud account.
You can have multiple Operators created and managed by an Admin.
The three roles, available within the legacy Users app, define the permissions to each of the Kio Cloud apps.
Kio Cloud app |
Superuser role |
Admin role |
Operator role |
---|---|---|---|
Users Permission: view, add, edit, and remove users |
x |
x Restricted to only their child users (Operator role) |
|
Device Management Permission: view and edit devices |
x |
Granted Editor or Viewer access within Device Management 2.0 |
Granted Editor or Viewer access within Device Management 2.0 |
Add Devices Permission: add devices via a Kontakt.io Order ID |
x |
||
Smart Location Permission: view and edit |
x |
x |
x |
Policy Foundry Permission: view and edit |
x |
x |
x |
Kio Setup Manager mobile app Permission: view and edit devices |
x |
Inherited device-level access from Device Management 2.0 |
Inherited device-level access from Device Management 2.0 |
To allow your organization's personnel or others to access to your Kio Cloud account, first you'll need to add them as a user and assign their role.
-
From your Kontakt.io Launchpad, select Users.
-
Select the Add User option.
-
Enter their settings and assign their role. The user will sign in to Kio Cloud with the email address provided.
-
Admin role: a child (sub-account/manager) to the Superuser.
A user assigned to the Admin role has permission to add new users (Operators) and can manage users' device-level access from Device Management 2.0 for only the users they have added. You can have one to multiple users assigned to the Admin role.
-
Operator role: a child (sub-account) to an Admin user.
A user assigned to the Operator role is granted device-level access from Device Management 2..0. You can have multiple users assigned to the Operator role.
-
-
Select Add User.
The new user receives an activation email from Kontakt.io with the steps to activate their user account and set their password.
Next, if the user is responsible for installing or managing devices, you'll need to grant their device-level access within Device Management 2.0.
By default, only the Superuser role (account owner) has permission to view and edit devices within Device Management 2.0. Users assigned to the Admin or Operator role must be granted device-level access within Device Management 2.0. This device-level access also extends to the Kio Setup Manager app and the user's unique API key for integrating with Kontakt.io APIs and SDKs.
Who can manage device-level access is determined by the role assigned to a user.
-
Account owner (Superuser) role: can grant and manage device-level access for all devices and users.
-
Admin role: can grant and manage device-level access only for the devices to which they have been granted access by the Account Owner (Superuser). Admins can only assign device-level access to Operator users they have created.
An Admin has permission to add new users but can only manage the device-level access for the users they have added. Multiple users can be assigned to the Admin role.
Note
For our developer community that integrates with the Kontakt.io APIs and SDKs, each Kio Cloud user has a unique API key that includes their device-level access permissions.
To grant and manage a user’s access to specific devices, the following prerequisites must be met:
-
User profile and email
The user must have a profile within the Kio Cloud Users app. You will also need their email address located in their user profile when assigning device-level access.
-
User registration
The user, being assigned to device-level access, must log into Kio Cloud and select Device Management 2.0. This step is crucial as it registers the user with Device Management, allowing an Access Manager to assign their device-level access.
-
Sign into Kio Cloud, go to Device Management 2.0.
-
From the Inventory menu, select the type of devices > either Tags or Infrastructure.
Tags: devices that are moving and are either attached to mobile equipment or are wearables that are worn by people. For example, Asset Tags, Smart Badges, Sticker Tags, Nano Tags.
Infrastructure: devices that are stationary and remain in a fixed location. They are assigned to a room within Smart Location. For example, Portal Lights, Portal Beams, Beam Minis, Anchor Beacons, Dispenser Beacons.
-
From the list, select the devices that the user requires access to.
You can filter devices from the Add Criteria option. For example, you want to grant a specific set of users to only have access to Smart Badges, set the Criteria to Product and then from the Product filter set to Smart Badge.
-
Select the Bulk option (displays the number of devices the user(s) will be granted access to) > select Edit Device Access.
Optionally, you can select a single device. Select the device from the list > select its Device Access tab. From the Grant access to device section, enter their email address > select an Access Level > select + Grant.
-
From the Edit Device Access window, set the following:
Operation: select Grant access
Email: enter the email address(es) of the users. Required to be the same address set in their Kio Cloud user profile.
Access level: Editor has full edit access, while Viewer has read-only access.
Access never expires (default). To set a date when access expires (revoked automatically), deselect this option and select a specific date.
-
Select Continue to save.
Complete the following steps to revoke a user's access. This only applies to users that have been granted device-level access.
-
Sign into Kio Cloud, go to Device Management 2.0.
-
From the Inventory menu, select the type of devices > either Tags or Infrastructure.
Tags: devices that are moving and are either attached to mobile equipment or are wearables that are worn by people. For example, Asset Tags, Smart Badges, Sticker Tags, Nano Tags.
Infrastructure: devices that are stationary and remain in a fixed location. They are assigned to a room within Smart Location. For example, Portal Lights, Portal Beams, Beam Minis, Anchor Beacons, Dispenser Beacons.
-
From the list, select the devices from which you need to revoke the user's access.
To filter the devices displayed, you can use the Add Criteria filter option.
-
Select the Bulk option (displays the number of devices the user(s) will be granted access to) > select Edit Device Access.
Optionally, you can revoke a user's access from the profile of a device. Select the device from the list > select its Device Access tab > select the delete icon from the user's entry in the Users with access section.
-
From the Edit Device Access window, set the following:
Operation: select Revoke access
Email: enter the email address(es) of the users. Required to be the same address set in their Kio Cloud user profile.
-
Select Continue to save.