User Authentication
User authentication and authorisation for the Pitram Connect application is controlled via the user accounts and the roles setup in the Pitram Portal.
To authenticate a user for Pitram Connect:
- Define a new user account in System | Administration > Manage Users:
- The user’s account type can be set to either a Local or an Integrated account:
To give a user authorisation to login to Pitram Connect:
- Link the user to a role in System | Administration > Manage Roles
- Either edit an existing role, or create a new role, that will be authorised to use the Pitram Connect application:
- On the Users tab, click the Add icon to add the new user to that role:
- On the Actions page you can configure the Pitram Connect application for the current role, giving users with that role full or read-only access to all Pitram Connect services (System, People, Location, Equipment) or to a sub-set of services.
The user is added to the role’s list of users:
Selecting “*” for service does not work. While this may change in future, you must specify every service individually.
The application permissions and services granted to the users of the role are shown:
Loss of a device
The following PRIS calls can be used when a device is lost, or when the security refresh token for a device has been compromised. In this scenario, the refresh token can be removed, which will invalidate any device login.
- GET RefreshTokens
This route allows an administrator to view security refresh tokens. Refresh tokens are only relevant when PRIS has been configured to use token-based security.
- DELETE
Users with administrator access rights have access to a DELETE call which allows them to delete a security refresh token.
Refer to the Pitram REST Integration Services (PRIS) PDF for more details.