Role-based access control

Tidepool API permissions are applied to ALL requests to the platform and require authentication, authorization and audit.

Role-based access control (RBAC) is used across Tidepool, both internally for administrator and support roles and in the Tidepool Application for our users. Different RBAC role permissions and rights apply, depending on the user profile.

Tidepool Application

  • Owner: Total control of the account, including metadata.

    • Share: Share with or invite another user

      • When an end user creates their own account and selects "Share", they can invite another user or Clinic to view their data and optionally allow them to upload data on their behalf. See User account relationships for additional details.

    • Edit: Ability to edit data or notes.

    • Upload: Ability to upload diabetes data but not user data.

    • View: Ability to view data (must be granted by the owner of the data).

    • Notes: Ability to attach a note to a user's data.

  • Custodian: Permission to access a custodian account (but not change its password)

    • Edit: Ability to edit data or notes.

    • Upload: Ability to upload diabetes data but not user data.

    • View: Ability to view data (must be granted by the owner of the data).

    • Notes: Ability to attach a note to a user's data.

  • Clinic Account Admin

    • Edit Clinic account details

    • Add and remove clinician users

    • Change clinician permissions

    • Grant permission to merge patient lists

    • Add patient users

    • Accept patient invites

    • Remove patients from patient list

    • View and upload patient data

  • Clinic Team Member

    • Add patient users

    • Accept patient invites

    • View and upload patient data

    • View clinic members

Tidepool Internal Support and Administration Tool

  • Support:

    • Find User Account

    • View User Account

    • View User Activity

    • Confirm User’s Email

    • Reset User’s Password

    • Change User’s Role

    • Delete User Account

    • Delete User Upload

    • Change User’s Email Address

    • Disconnect API Connections

    • Capture Snapshot of User Data for MDR Investigation

    • Migrate Clinician user to Clinic account

    • Merge Clinician user Private Workspace patient list to Clinic account patient list

 

The content of the Tidepool Technical Documentation is licensed under a Creative Commons CC0 1.0 Universal (CC0 1.0) Public Domain Dedication.