Glyue User Docs
  • What is Glyue?
  • Tutorials
    • Start Here
    • Building a Single-Step Integration
      • 1. Creating the Integration
      • 2. Calling the External System
      • 3. Running the Integration
      • 4. Crafting the Output
    • Building a Multi-System Integration
      • 1. Connecting to the Core
      • 2. Field Mapping
      • 3. Running the Integration
    • Building an Event-Driven Integration
      • 1. Setting up the Mock CRM
      • 2. Receiving Inbound Requests
      • 3. Triggering the Integration from the CRM
    • Building an Email Integration
      • 1. Create and Configure the Integration
      • 2. Input Validation
      • 3. Get Story IDs from Hacker News
      • 4. Get Story Content
      • 5. Sending the Email
      • 6. Wrapping Up
      • 7. Extra credit
        • extra_credit.json
    • Building a RESTful CRUD Web Service
      • 1. Integration Setup
      • 2. Vault Setup
      • 3. Create Web Service Endpoints
      • 4. Execute Web Service Endpoints with Vault Methods
      • 5. Vault Code Examples and Explanation
    • Building a Retrieval API against FIS CodeConnect
      • 1. Integration Setup
      • 2. Service Request Setup
      • 3. Field Mapping Setup
      • 4. Integration and Service Request Hook Setup
      • 5. Testing the Integration
      • 6. Common Errors
    • What is Pre-Mapping?
      • Before you start
      • Bookmarks
      • Source and Targets
      • Field Mapping Status
      • Field Mapping Comments
      • Summary
  • How-To Guides
    • How to Run an Integration from Glyue
    • How to Invite New Users
    • How to Create a Value Mapping Set
    • How to Build and Deploy a Custom Frontend
    • How to Migrate an Integration
    • How to Set Up Single Sign On (SSO)
      • Glyue Setup
      • JumpCloud Setup
      • Azure Setup
      • Okta Setup
      • Glyue SAML Config Reference
    • How to Install the Glyue App for Zoom Contact Center
    • How to use the Vault
  • Reference
    • Integration Builder Page
    • Integration Anatomy
    • Integration Components
      • Integration
      • Service Request
      • Field Mapping
      • Value Mapping Set
      • Value Mapping
      • Validation Rule
      • Mask
      • Integration Config
      • Integration Engine Versions
    • Integration Lifecycle
    • Special Functions
      • add_run_label
      • callint
      • debug
      • end
      • get_namespace
      • humanize
      • import_helper
      • keep
      • list_files
      • map_value
      • open_glyuefile
      • open_vault
      • Data Manipulation Utilities
      • calladapter
    • Special Variables
      • __adapter_config__
      • input
      • parentint
      • retvalue
      • run_history_id
      • Iterables
        • fitem/fidx
        • sritem/sridx
        • vritem/vridx/vrmsg
    • Adapters
      • Generic HTTP Adapter
      • Email SMTP Adapter
    • Web Service Endpoints
    • Vault Reference
  • Glyue Platform Reference
    • Banking Core Connectivity Guide
    • Authentication
    • Permissions
      • Service Accounts
      • Organizations
    • Frontends
    • Idempotency Layer
    • Integration Scheduler
    • Governance Reports
    • Arbitrary Integration Request Content Support
    • Admin Components
    • Logging
  • ETL
    • Glyue ETL Overview
    • Data Connectors
    • Workflows
    • Run History
    • Scheduler
Powered by GitBook
On this page
  • User Type
  • User Permissions
  • Integration Permissions
  • Group Permissions
  • Permissions Across Environments

Was this helpful?

  1. Glyue Platform Reference

Permissions

PreviousAuthenticationNextService Accounts

Last updated 1 month ago

Was this helpful?

A Glyue user's permissions a governed by three concepts:

User Type

Page
Standard User
Staff User

Dashboard

Bookmarks

Run History

Build

Swagger API

Schedule

Vault

--

Migrate

--

View Changes

--

Invite

--

Admin (settings)

--

A Standard Glyue user account is appropriate for everyday users who are involved in the building, maintenance, or monitoring of integrations.

A Staff Glyue user is equivalent to a system administrator. These users have access to additional pages, notably the Invite page, which allows them to invite additional Standard and Staff users into Glyue, and the Admin page, which controls settings for the Glyue environment.

A Service Account is an account created to manage third-party system access to integrations on Glyue. A Service Account is only meant to execute integrations, and cannot log into the Glyue UI, view or edit integrations, or invite other users. Learn more about service accounts here.

User Permissions

Both Standard and Staff users can have their abilities augmented by being granted permissions specific to a particular action. These permissions must be granted by a member of Sandbox staff — reach out to support@sandboxbanking.com for help.

Integration Permissions

Each user — both Standard and Staff — must be explicitly granted permission to access integrations. This must be done for each integration. Typically this is handled by your Sandbox Solution Engineer — reach out to support@sandboxbanking.com for help.

Integrations have four separate permission types: Read, Write, Execute, and Debug. By default, the user who creates the integration has all four integration permissions.

  • read — Allows the user to see the contents of the integration, including its Service Requests, Field Mappings, Value Mapping Sets, etc.

  • write — Allows the user to modify the integration

  • execute — Allows the user to run the integration using the Run Integration feature, or via an API call using their account credentials

  • debug — Allows the user to see run histories from past integration runs, regardless of which account originally ran the integration

Group Permissions

Groups may have additional permissions granted to them. Any member of the group automatically receives these permissions when they become a member of a group, and the permissions are revoked if the user is removed from the group.

Permissions granted through a group are only additive to any existing permissions a user has.

Groups and Group Permissions are typically managed by Sandbox — reach out to support@sandboxbanking.com for help.

Permissions Across Environments

In standard Glyue projects, a user will have access to three separate environments: DEV, TEST, and PROD. While the permissions concepts outlined on this page function the same way on all three environments, policies and best-practice dictates which permissions are typically given in each environment. Glyue's default policy is:

Environment
Integration Permissions

DEV

Read, Debug, Write*

TEST

Read, Debug

PROD

Read, Debug

*We recommend restricting Write permissions to the minimum set of users necessary to build the integration.

You'll notice no group receives Execution permissions. Glyue's best practice is to restrict execution permissions to a dedicated , rather than executing integrations via an employee's Glyue account.

service account
User Type (Standard, Staff, Service Account)
User Permissions
Group Permissions
✅
✅
✅
✅
✅
✅
✅
✅
✅
✅
✅
✅
✅
✅
✅
✅
✅