Note: Users with a role and specific permissions in one scope do not automatically have the same role and permissions in other scopes, ensuring that different clients are able to work autonomously.
System Administrator’s Scope
System Administrator’s Scope is designed for system administration and has only one role, System administrator. Users with this role have access to the ABBYY Vantage system administrator interface and can do the following:- Manage tenants (view the tenant list, create and delete tenants, manage tenant subscriptions)
- Manage users within System Administrator’s scope (view the user list for that scope, create and delete users)
Tenant’s Scope
Tenant’s Scope is designed to manage users within a tenant and has the following roles:- Tenant Administrator. Has all scope permissions and can do the following: add users, assign roles (any), grant a Skill user rights to a specific list of skills and their stages or to all skills (all current and any further) and their stages in the tenant, create and publish skills, and access Skill Monitor to monitor the performance of the system. The Tenant Administrator can also add other tenants if the Fulfillment Operator role has been assigned to them by the System Administrator. For more information, see Creating a Tenant via the Vantage API.
- Skill Designer. Can create new skills. Has all permissions for existing skills and can do the following: process documents using skills, copy, edit, export, delete, and publish skills. Additionally, a Skill designer can view skills in the Skill Monitor. This role is designed for users that develop business processes and decide what purpose a specific skill should serve.
- Skill User. Can use skills for which they have rights: process documents using existing skills, get results, and view demo documents. This role is designed for both regular users and applications that use ABBYY Vantage (for example, mobile applications).
- Manual Review Operator. Can carry out manual review at the specified Process skill stages. A Manual Review Operator can be granted rights to a specific list of skills and stages, as well as to all skills and stages.
- Processing Supervisor. Can observe transactions being processed by the skills and carry out a manual review at specified Process skill stages. Has permissions to do the following: carry out Manual Review client tasks, use Skill Monitor to view, open, and cancel transactions for skills to which they have rights, as well as view transaction logs.
Permissions Matrix
The table below lists access groups and permissions for various roles in Tenant’s Scope.| Access Group | Permissions | Tenant Administrator | Skill Designer | Skill User | Manual Review Operator | Processing Supervisor |
|---|---|---|---|---|---|---|
| Administration | Assigning a role | Yes | No | No | No | No |
| Reviewing a subscription | Yes | No | No | No | No | |
| Change tenant settings (managing Vantage API clients and connection to an external identity provider) | Yes | No | No | No | No | |
| Documents | Process documents in the Documents view | Yes | Yes | Yes (only with permission to Default Process skill) | No | No |
| Skill Catalog | Finding a skill | Yes | Yes | Yes (only allowed skills) | No | No |
| Trying a skill | Yes | Yes | Yes (only allowed skills) | No | No | |
| Creating a skill | Yes | Yes | No | No | No | |
| Duplicating a skill | Yes | Yes | No | No | No | |
| Editing a skill | Yes | Yes | No | No | No | |
| Publishing a skill | Yes | Yes | No | No | No | |
| Exporting a skill | Yes | Yes | No | No | No | |
| Importing a skill | Yes | Yes | No | No | No | |
| Deleting a skill | Yes | Yes | No | No | No | |
| Discard unpublished changes to a skill | Yes | Yes (only their changes) | No | No | No | |
| Process documents using a skill | Yes | Yes | Yes (only allowed skills) | No | No | |
| Skill Monitor | Viewing a skill | Yes | Yes | No | No | Yes (only allowed skills) |
| Launching/stopping automatic export/import | Yes | No | No | No | No | |
| Viewing transactions | Yes | Yes | No | No | Yes (only allowed skills) | |
| Opening Manual Review client task | Yes | Yes | No | No | Yes (only allowed skills) | |
| Data Catalogs | Viewing a data catalog | Yes | Yes | No | No | No |
| Updating a data catalog | Yes | Yes | No | No | No | |
| Creating a data catalog | Yes | Yes | No | No | No | |
| Manual Review | Yes | No | No | Yes (only allowed skills and stages) | Yes (only allowed skills) | |
| Environment Variables | Creating, editing, and deleting secrets | Yes | No | No | No | No |
| Accessing secrets from skills, viewing the list of existing secrets in the script editor | Yes | Yes | No | No | No (only on Manual Review client) |