To the Oz Website Oz API Reference Contact Us

User Roles

PreviousSystem Objects NextTypes of Analyses and What They Check

Last updated 18 days ago

Was this helpful?

User Roles

Each of the new API users should obtain a role to define access restrictions for direct API connections. Set the role in the user_type field when you create a new user.

ADMIN is a system administrator, who has unlimited access to all system objects, but can't change the analyses' statuses;
OPERATOR is a system operator, who can view all system objects and choose the analysis result via the Make Decision button (usually needed if the is OPERATOR_REQUIRED);
CLIENT is a regular consumer account, who can upload media files, process analyses, view results in personal folders, generate reports for analyses.
- can_start_analysis_biometry – an additional flag to allow access to analyses (enabled by default);
- can_start_analysis_quality – an additional flag to allow access to (QUALITY) analyses (enabled by default);
- can_start_analysis_collection – an additional flag to allow access to analyses (enabled by default).
CLIENT ADMIN is a company administrator that can manage their company account and users within it. Additionally, CLIENT ADMIN can view and edit data of all users within their company, delete files in folders, add or delete report templates with or without attachments, the reports themselves and single analyses, check statistics, add new blacklist collections.
CLIENT OPERATOR is similar to OPERATOR within their company.
CLIENT SERVICE is a service user account for automatic connection purposes. Authentication with this user creates a long-live access token (5 years by default). The token lifetime for regular uses is 15 minutes by default (parameterized) and, also by default, the lifetime of a token is extended with each request (parameterized).

For API versions below 6.0

For API 5.3 and below, to create a CLIENT user with admin or service rights, you require to set the corresponding flags to true:

is_admin – if set, the user obtains access to other users' data within this admin's company.
is_service is a flag that marks the user account as a service accountfor automatic connection purposes. Authentication with this user creates a long-live access token (5 years by default). The token lifetime for regular uses is 15 minutes by default (parameterized) and, also by default, the lifetime of a token is extended with each request (parameterized).

Here's the detailed information on access levels.

Company

Create

Read

Update

Delete

ADMIN

OPERATOR

CLIENT

their company data

CLIENT SERVICE

their company data

CLIENT OPERATOR

their company data

CLIENT ADMIN

their company data

Folder

Create

Read

Update

Delete

ADMIN

OPERATOR

CLIENT

their folders

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Report template

Create

Read

Update

Delete

ADMIN

OPERATOR

CLIENT

within their company

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Report template attachments

Create

Read

Delete

ADMIN

OPERATOR

CLIENT

within their company

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Report

Create

Read

Delete

ADMIN

OPERATOR

CLIENT

in their folders

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Analysis

Create

Read

Update

Delete

ADMIN

OPERATOR

CLIENT

in their folders

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Collection

Create

Read

Update

Delete

ADMIN

OPERATOR

CLIENT

within their company

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Person

Create

Read

Delete

ADMIN

OPERATOR

CLIENT

within their company

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Person image

Create

Read

Delete

ADMIN

OPERATOR

CLIENT

within their company

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

User

Create

Read

Update

Delete

ADMIN

OPERATOR

their data

CLIENT

their data

CLIENT SERVICE

within their company

their data

CLIENT OPERATOR

within their company

their data

CLIENT ADMIN

within their company

PreviousSystem Objects NextTypes of Analyses and What They Check

Last updated 18 days ago

Was this helpful?

Each of the new API users should obtain a role to define access restrictions for direct API connections. Set the role in the user_type field when you create a new user.

ADMIN is a system administrator, who has unlimited access to all system objects, but can't change the analyses' statuses;
OPERATOR is a system operator, who can view all system objects and choose the analysis result via the Make Decision button (usually needed if the is OPERATOR_REQUIRED);
CLIENT is a regular consumer account, who can upload media files, process analyses, view results in personal folders, generate reports for analyses.
- can_start_analysis_biometry – an additional flag to allow access to analyses (enabled by default);
- can_start_analysis_quality – an additional flag to allow access to (QUALITY) analyses (enabled by default);
- can_start_analysis_collection – an additional flag to allow access to analyses (enabled by default).
CLIENT ADMIN is a company administrator that can manage their company account and users within it. Additionally, CLIENT ADMIN can view and edit data of all users within their company, delete files in folders, add or delete report templates with or without attachments, the reports themselves and single analyses, check statistics, add new blacklist collections.
CLIENT OPERATOR is similar to OPERATOR within their company.
CLIENT SERVICE is a service user account for automatic connection purposes. Authentication with this user creates a long-live access token (5 years by default). The token lifetime for regular uses is 15 minutes by default (parameterized) and, also by default, the lifetime of a token is extended with each request (parameterized).

For API versions below 6.0

For API 5.3 and below, to create a CLIENT user with admin or service rights, you require to set the corresponding flags to true:

is_admin – if set, the user obtains access to other users' data within this admin's company.
is_service is a flag that marks the user account as a service accountfor automatic connection purposes. Authentication with this user creates a long-live access token (5 years by default). The token lifetime for regular uses is 15 minutes by default (parameterized) and, also by default, the lifetime of a token is extended with each request (parameterized).

Here's the detailed information on access levels.

Company

Create

Read

Update

Delete

ADMIN

OPERATOR

CLIENT

their company data

CLIENT SERVICE

their company data

CLIENT OPERATOR

their company data

CLIENT ADMIN

their company data

Folder

Create

Read

Update

Delete

ADMIN

OPERATOR

CLIENT

their folders

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Report template

Create

Read

Update

Delete

ADMIN

OPERATOR

CLIENT

within their company

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Report template attachments

Create

Read

Delete

ADMIN

OPERATOR

CLIENT

within their company

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Report

Create

Read

Delete

ADMIN

OPERATOR

CLIENT

in their folders

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Analysis

Create

Read

Update

Delete

ADMIN

OPERATOR

CLIENT

in their folders

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Collection

Create

Read

Update

Delete

ADMIN

OPERATOR

CLIENT

within their company

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Person

Create

Read

Delete

ADMIN

OPERATOR

CLIENT

within their company

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

Person image

Create

Read

Delete

ADMIN

OPERATOR

CLIENT

within their company

CLIENT SERVICE

within their company

CLIENT OPERATOR

within their company

CLIENT ADMIN

within their company

User

Create

Read

Update

Delete

ADMIN

OPERATOR

their data

CLIENT

their data

CLIENT SERVICE

within their company

their data

CLIENT OPERATOR

within their company

their data

CLIENT ADMIN

within their company