Roles are a bundle of permissions. Different roles with different permissions allow users to perform various tasks in the system.
We distinguish between user roles, roles that are not user roles, and system roles. More on this in the Behavior in the System section.
Configuration
See Create Role.
Behavior in the System
-
User Roles
-
Purpose
User roles are the roles that can be added to a user. These provide the user with a package of permissions. -
Configuration
When creating a role, you can define whether it should be a role that can be assigned to a user. To do this, select User Role: Yes during configuration. -
Permissions for New Features
We continuously develop d.vinci. To enable you to use new features, new permissions sometimes need to be granted. Since user roles are freely configurable, they are not automatically updated with new permissions. We often do this through system roles, as they are predefined bundles of permissions that you have assigned to corresponding user roles.
However, it may also happen that we ask you in the Release Notes to add the new permission to your user roles when delivering a new feature. -
Deletion or Modification
Learn more here: Change, Copy, or Delete Role
-
Purpose
-
Roles that are not User Roles
-
Purpose
A role that has not been created as a user role can be added as a contained role to another role or selected for API users. It does not appear in the role selection for users. This allows you to create roles needed for connected external systems. -
Configuration
To do this, select User Role: No during configuration.
-
Purpose
-
System Roles
-
Purpose
System roles - sometimes called standard roles - are delivered with your d.vinci system. They are predefined permission bundles that we have set to ensure basic functionalities. -
Configuration
You cannot configure system roles. We manage that. -
Application
System roles cannot be directly assigned to a user but can only be added as a contained role to a user role.
You can also create copies of system roles, which you can then customize as needed.
Learn more here: Change, Copy, or Delete Role -
Identifying system roles
System roles are marked with the gears icon . -
System roles in your d.vinci
An overview of all permissions bundled in the system role can be found here: System Roles - Permissions.
You will find these system roles in your system if all modules are activated (Applicant Management, Onboarding, and Events):- Administrator (standard)
- API Test Provider (standard)
- Department (standard)
- Mediateam (standard)
- Multiposting API (standard)
- Public API (standard)
- Onboarding - Administrator (standard)
- Onboarding - Supervisor (standard)
- Onboarding - Manager (standard)
- HR Department (standard)
- Hiring Request Recipient (standard)
- Hiring Request Submitter (standard)
- REST API (standard)
- Event Observer
- Event Organizer
-
Recommendation for using system roles/standard roles
When new features are introduced that require additional permissions, these are usually automatically integrated into the system roles/standard roles. Therefore, we recommend copying the system role and customizing it individually instead of using the standard role directly. This ensures that your employees only have access to the features you have approved. -
Deletion or Modification
System roles cannot be deleted or modified to ensure functionality at all times. They are updated by us (d.vinci) through new releases as needed. -
Permissions for New Features
We continuously develop d.vinci. To enable you to use new features, new permissions sometimes need to be granted. Since user roles are freely configurable, they are not automatically updated with new permissions. We often do this through system roles, as they are predefined bundles of permissions that you may have assigned to corresponding user roles.
-
Purpose
How our customers use this
All of our customers use their own user roles. We provide the system with some standard system roles that cannot be customized. Therefore, they are often copied and then modified as needed before being assigned to a user.