Default roles

A complete list of all the default roles based on modules (access scope):

ModuleScopesRole default valueMicroservice
manage-platformreadROLE_ADMIN_MANAGE_PLATFORM_READAdmin
manage-platformadminROLE_ADMIN_MANAGE_PLATFORM_ADMINAdmin
manage-processesimportROLE_ADMIN_MANAGE_PROCESS_IMPORTAdmin
manage-processesreadROLE_ADMIN_MANAGE_PROCESS_READAdmin
manage-processeseditROLE_ADMIN_MANAGE_PROCESS_EDITAdmin
manage-processesadminROLE_ADMIN_MANAGE_PROCESS_ADMINAdmin
manage-integrationsadminROLE_ADMIN_MANAGE_INTEGRATIONS_ADMINAdmin
manage-integrationsreadROLE_ADMIN_MANAGE_INTEGRATIONS_READAdmin
manage-integrationseditROLE_ADMIN_MANAGE_INTEGRATIONS_EDITAdmin
manage-integrationsimportROLE_ADMIN_MANAGE_INTEGRATIONS_IMPORTAdmin
manage-configurationsimportROLE_ADMIN_MANAGE_CONFIG_IMPORTAdmin
manage-configurationsreadROLE_ADMIN_MANAGE_CONFIG_READAdmin
manage-configurationseditROLE_ADMIN_MANAGE_CONFIG_EDITAdmin
manage-configurationsadminROLE_ADMIN_MANAGE_CONFIG_ADMINAdmin
manage-usersreadROLE_ADMIN_MANAGE_USERS_READAdmin
manage-userseditROLE_ADMIN_MANAGE_USERS_EDITAdmin
manage-usersadminROLE_ADMIN_MANAGE_USERS_ADMINAdmin
manage-processeseditROLE_ENGINE_MANAGE_PROCESS_EDITEngine
manage-processesadminROLE_ENGINE_MANAGE_PROCESS_ADMINEngine
manage-instancesreadROLE_ENGINE_MANAGE_INSTANCE_READEngine
manage-instancesadminROLE_ENGINE_MANAGE_INSTANCE_ADMINEngine
manage-licensesreadROLE_LICENSE_MANAGE_READLicense
manage-licenseseditROLE_LICENSE_MANAGE_EDITLicense
manage-licensesadminROLE_LICENSE_MANAGE_ADMINLicense
manage-contentsimportROLE_CMS_CONTENT_IMPORTCMS
manage-contentsreadROLE_CMS_CONTENT_READCMS
manage-contentseditROLE_CMS_CONTENT_EDITCMS
manage-contentsadminROLE_CMS_CONTENT_ADMINCMS
manage-media-libraryimportROLE_MEDIA_LIBRARY_IMPORTCMS
manage-media-libraryreadROLE_MEDIA_LIBRARY_READCMS
manage-media-libraryeditROLE_MEDIA_LIBRARY_EDITCMS
manage-media-libraryadminROLE_MEDIA_LIBRARY_ADMINCMS
manage-taxonomiesimportROLE_CMS_TAXONOMIES_IMPORTCMS
manage-taxonomiesreadROLE_CMS_TAXONOMIES_READCMS
manage-taxonomieseditROLE_CMS_TAXONOMIES_EDITCMS
manage-taxonomiesadminROLE_CMS_TAXONOMIES_ADMINCMS
manage-themesadminROLE_THEMES_ADMINCMS
manage-themeseditROLE_THEMES_EDITCMS
manage-themesreadROLE_THEMES_READCMS
manage-themesimportROLE_THEMES_IMPORTCMS
manage-tasksreadROLE_TASK_MANAGER_TASKS_READTask Management
manage-hooksimportROLE_TASK_MANAGER_HOOKS_IMPORTTask Management
manage-hooksreadROLE_TASK_MANAGER_HOOKS_READTask Management
manage-hookseditROLE_TASK_MANAGER_HOOKS_EDITTask Management
manage-hooksadminROLE_TASK_MANAGER_HOOKS_ADMINTask Management
manage-process-allocation-settingsimportROLE_TASK_MANAGER_PROCESS_ALLOCATION_SETTINGS_IMPORTTask Management
manage-process-allocation-settingsreadROLE_TASK_MANAGER_PROCESS_ALLOCATION_SETTINGS_READTask Management
manage-process-allocation-settingseditROLE_TASK_MANAGER_PROCESS_ALLOCATION_SETTINGS_EDITTask Management
manage-process-allocation-settingsadminROLE_TASK_MANAGER_PROCESS_ALLOCATION_SETTINGS_ADMINTask Management
manage-out-of-office-usersimportROLE_TASK_MANAGER_OOO_IMPORTTask Management
manage-out-of-office-usersreadROLE_TASK_MANAGER_OOO_READTask Management
manage-out-of-office-userseditROLE_TASK_MANAGER_OOO_EDITTask Management
manage-out-of-office-usersadminROLE_TASK_MANAGER_OOO_ADMINTask Management
manage-notification-templatesimportROLE_NOTIFICATION_TEMPLATES_IMPORTNotifications
manage-notification-templatesreadROLE_NOTIFICATION_TEMPLATES_READNotifications
manage-notification-templateseditROLE_NOTIFICATION_TEMPLATES_EDITNotifications
manage-notification-templatesadminROLE_NOTIFICATION_TEMPLATES_ADMINNotifications
manage-notificationsimportROLE_MANAGE_NOTIFICATIONS_IMPORTNotifications
manage-notificationsreadROLE_MANAGE_NOTIFICATIONS_READNotifications
manage-notificationseditROLE_MANAGE_NOTIFICATIONS_EDITNotifications
manage-notificationsadminROLE_MANAGE_NOTIFICATIONS_ADMINNotifications
manage-document-templatesimportROLE_DOCUMENT_TEMPLATES_IMPORTDocuments
manage-document-templatesreadROLE_DOCUMENT_TEMPLATES_READDocuments
manage-document-templateseditROLE_DOCUMENT_TEMPLATES_EDITDocuments
manage-document-templatesadminROLE_DOCUMENT_TEMPLATES_ADMINDocuments
manage-systemsadminROLE_INTEGRATION_SYSTEM_ADMINIntegration Designer
manage-systemsimportROLE_INTEGRATION_SYSTEM_IMPORTIntegration Designer
manage-systemsreadROLE_INTEGRATION_SYSTEM_READIntegration Designer
manage-systemseditROLE_INTEGRATION_SYSTEM_EDITIntegration Designer
manage-systemsadminROLE_INTEGRATION_SYSTEM_ADMINIntegration Designer
manage-workflowsimportROLE_INTEGRATION_WORKFLOW_IMPORTIntegration Designer
manage-workflowsread_restrictedROLE_INTEGRATION_WORKFLOW_READ_RESTRICTEDIntegration Designer
manage-workflowsreadROLE_INTEGRATION_WORKFLOW_READIntegration Designer
manage-workflowseditROLE_INTEGRATION_WORKFLOW_EDITIntegration Designer
manage-workflowsadminROLE_INTEGRATION_WORKFLOW_ADMINIntegration Designer

Importing roles

You can import a super admin group and its default roles in Keycloak using the following script file.

Download script + roles

You need to edit the following script parameters:

  • baseAuthUrl
  • username
  • password
  • realm
  • the name of the group for super admins

The requests package is needed in order to run the script. It can be installed with the following command:

pip3 install requests

The script can be run with the following command:

python3 importUsers.py

Was this page helpful?

Configuring an IAM solution (EntraID)Application manager access rights