Skip to content

ExoSense User Management

Users in ExoSense are managed by their unique email address. Each user has a Role assigned to them that defines their permissions in the application. Users are also invited to one or more groups, which contain assets, group-level dashboards, devices, and subgroups. A user will have access to each group and all subgroups.

Inviting Users

The Users page allows inviting new users and checking the roles / group permissions of existing users.

To invite a user, click the button on the Users page, add their email address, choose their permission role and the group(s) they will have access to in the hierarchy.

Inviting Multiple Users

Multiple users can be invited at one time if they have the same role and group access. Add each of their email addresses to the email form box separating them with a comma (e.g.,

Invitation Expiration

  • New user invitations expire after 8 days.
  • A re-sent invitation will expire after 4 days.

User Roles

Users with the Setup - Roles permission in their role (including Host Administrators) can create, edit, and remove user roles. Roles define functionality rights to a user. The default role for initial users is 'Host Administrator' which provides all functional permissions below. As an example, administrators (those with the Setup-Roles function enabled) can create a new role such as "Installer".

Permissions and Group Relationship

All permissions adhere to a strict control access policy tied to the group node at which the User with the role (permissions) has.

  • A user with a Role with the View Asset Data permission will only see assets and groups that they have access to in group hierarchy.
  • A user with a Role with the Asset Management permission will only be able to add and edit assets that they have access to in group hierarchy.
  • A user with a Role with the User Management permissions can only invite and edit users within the groups they have access to.

Permissions and Feature Availability

Some permissions are tied to the feature available to the solution. Some features are enabled/disabled at the Tier level. Features are also controlled with the administrative Feature Controls.

Role Permissions

Permission General Category Description
View Asset Data Viewer Allows viewing assets in lists and their data in dashboards, event logs, and reports.
View Asset Viewer Allows viewing assets in lists (including statuses and last reported times.) This is the most restrictive viewing permission.
Dashboard Management Viewer Allows a user to publish/un-publish dashboards. Legacy Permission: No longer supported with new Side Navigation UI.
Asset Management Asset Management Allows a user to manage assets, including adding, editing, and removing of assets, configuration, and dashboard creation.
Asset Template Management Asset Management Allows a user to manage asset templates.
File Management Asset Management Allows a user to maintain (upload) asset content files and setup Content Viewer dashboard panels.
View Unpublished Files Asset Management Allows a user to see an asset's content files that have been uploaded, i.e. see the Asset Content tab. Can not upload new files.
Asset/Device Control Asset Management Allows the user ability to interact with device control dashboard panels.
Bulk Change Asset management Allows users to easily make bulk updates to large numbers of signals or assets.
Condition Policy Management Asset management Allows a user to create, update, read, and delete condition policies.
Condition Read-Only Viewer Allows a user read-only access to conditions.
Condition User Technician Allows a user to change condition states, leave comments, and assign conditions
User Management Manager Allows for inviting, editing (user's role/groups) and removing users.
Group Management Manager User can access the Browse screen and add, edit, and remove groups, as well as change an asset’s group assignment.
Data Explorer Manager Access to Data Exploration tool.
Device Management Device Management Users can look at connected IoT device data and configure their channels.
Device Software Package Management Device Management Allows a user to see and apply available software packages for devices.
Device Software Package Administration Device Management Allows a user to manage software packages available to devices.
User Activity Logs Administrator - Group Allows for viewing user activity logs. User must be on the root node for permission to be enabled.
Manage Custom Insights Administrator - Group Allows users to create custom transforms and rules in the UI using MathJS or JSON-e.
Api Tokens Administrator - Group Allows a user to create and delete API Tokens.
Setup - Roles Administrator - Group Allows a user to create, edit, and delete user roles from the larger set of user permissions.
Legal Administrator - Solution Allows user to edit the standard terms and conditions, and add a custom URL for the privacy policy.
Setup - Theme Administrator - Solution Allows a user to control the theme and logos, application name, default language,
Setup - Data Sources Administrator - Solution Allows an administrative user to view which IoT connectors are available for this ExoSense instance.
Setup - Feature Control Administrator - Solution Allows an administrative user to control which features are enabled on a solution.
Work Instruction Management Manager Access to Uploading and Duplicating Work instructions.
Work Order Administrator Manager Can create, assign, schedule, perform, be assigned, edit and view work orders. Has all work instruction capabilities also.
Work Order Manager Manager Can create, assign, schedule and view Work Orders. Can leave comments and update the description.
Work Order Perform Technician Can be assigned, perform (complete steps, upload evidence/comments), and view Work Orders.
Work Order View Viewer Can view work orders. Can view work instructions.

Creating / Editing User Roles

User Role Management Area

In this example, a new user role called "Installer Midwest Region" can be created with permissions to view asset data and manage Asset configuration. This new role can optionally be assigned to only be accessible at a sub group node.

Setup a new user role