Roles and Permissions

Explains the different roles a user can be assigned to and their permissions on the platform

1 Platform Features
2 Content and Spaces

Platform Features

The following roles are managed on Unique’s IDP and include access and permissions for platform features. However, permissions and access to content/spaces are not part of this overview but specified in the Spaces concept (Spaces documentation will follow soon).

Zitadel Key	Zitadel Display name	Zitadel Group	Unique Capabilities	Capabilities and functionalities

Zitadel Key	Zitadel Display name	Zitadel Group	Unique Capabilities	Capabilities and functionalities
chat.chat.basic Live	chat with limit to input	chat	Chatting interface w/ potential limit to the chat input	Access to chatting interface Default settings for end user to chat with the application
chat.knowledge.read Live	view knowledge base	knowledge-base	View central knowledge base	View (incl. download) central knowledge base
chat.knowledge.write Live	upload knowledge base	knowledge-base	Upload central knowledge centre	Allowed to upload files into knowledge centre
chat.data.admin Coming soon		admin	Can see all user feedback and and user prompts analytics	Read and export user feedback (i.e. export CSV) incl. user prompt Read and export detailed interaction interaction analytics with user prompts
chat.feedback.read Live	read chat-feedback	admin	Can see aggregated analytics (e.g. monthly active users, prompts per space) and upload and download benchmarking	Read and export aggregated user analytics (Chat Interactions, Active Users, Reference Statistics, NPS) Upload and download benchmarking (see Benchmarking )
chat.admin.all Live	configure assistant	admin	Has access to many APIs for performing configurations. But has no access to APIs getting actual data like messages or documents.	Allows configuration and access via API This is an admin role that should only be granted to a few selected users.
chat.debug.read Live	debugging	admin	Can see debugging infos	Debugging (view jsons and chunks with access to knowledge)
admin.user-management.write Live	Manage groups for users	admin	Can see user management section	Add and remove users to groups
admin.space.write Live	Configure spaces	admin	Can see space management section and the AI module templates section	Configure spaces (e.g. add, update, remove space)
admin.app-repository.write Live	Manage app repository	admin	Can see apps management section	Create apps for SDK and integrations Create endpoints where Webhook events are being sent to Create API Keys that allow full system access via APIs Review RequestLogs of Webhooks sent by our system

Additional roles that are not listed on this page but are shown in the Unique IDP can be ignored.

Content and Spaces

Access to content and spaces is fully managed on the Unique platform and outside of the IDP. As a Space Manger with the role admin.space.write you can decide which user groups have access to which space. Only the user groups assigned to a space can view the space (Spaces documentation will follow soon).

Author	@Jovana Sanussi