Core access management

Users who are assigned this role cannot log in to the BPC.
This makes it possible, for example, in the Karaf Identity Provider to maintain dedicated users who have access to the Karaf console but not to the BPC itself.

This right controls whether a user may use a module. MODULE_ID corresponds to the technical ID of the module, e.g. loadModule_monitor for the monitor module.
The corresponding right must be assigned for each module to be used. If the corresponding right is missing for a module, the user cannot access the configuration (see also Configuration API) of the module. In addition, the web client does not load the corresponding JavaScript code.

This right is evaluated if access to instances has been restricted in the module (see Module_RestrictInstanceAccess in Configuration). If access is restricted, the user must have the right to the respective instance in addition to the loadModule_MODULE_ID right in order for the instance to be created.
MODULE_INSTANCE_ID is a placeholder for the specific ID of the instance.

This right controls whether the user can create instances of a module.
MODULE_ID corresponds to the technical ID of the module, e.g. createModuleInstances_monitor for the monitor module.

This right controls whether the user can delete instances of a module.
MODULE_ID corresponds to the technical ID of the module, e.g. deleteModuleInstances_monitor for the monitor module.

Allows the display of the administration area Administration area.

Authorizes the user to log in while the system is in maintenance mode.

This right allows the user to log in via the Status API to read active sessions.
This is also required to use the session overview widget.