When you first get ProvisionPoint Enterprise connected to your tenant, only the one administrative group you supply during the installation will be given access. Further groups can be added into different security roles.
There are 3 security roles in ProvisionPoint Enterprise:
1) Licensed Users. These are the users of your company. They can view:
- View site info
- View the site directory
- Request sites and be site owners
- View and complete approval tasks
2) Service Definition Managers. These are likely in an IT / Business Analysis function. They can do everything a licensed user can do as well as:
- Create and modify Service Definitions
- Manage resources
- Create and modify Approval Templates
- Create and modify Notification Templates
3) App Managers. These users are administrators of ProvisionPoint, likely in an IT function. The can do everything above as well as:
- Manage ProvisionPoint security
- Manage the job queue
- View + manage archived sites
To grant access navigate to App Settings, which is under Settings in the Admin Tab.
Select the appropriate security role and then click on the Add Access button.
There are two options available for Role Assignment.
Select the value type of Security Group if you want to grant a specific Azure Active Directory security group access to a specific role. You will then be prompted to provide the name of the required security group.
Alternatively if you would like to grant all users in your organisation a security role in ProvisionPoint Enterprise, select the value type of System Group and then All Member Users.
Note that the steps detailed in this article will only grant access to ProvisionPoint Enterprise with the designated security role, and permissions to request a Service Definition is managed separately.