- Accounts: Represent your organization, company, or sub-organizations within the company. You can organize accounts to match the actual structure of your organization. Within each Account, you can add Members.
- Members and Users: A user refers to a single person who access the system. Each user has a unique identifier (their email) and can select their own password. Each user can be be a Member of one or more Accounts. You can add users to Accounts by inviting them to the Account (as a Member) and then assigning Roles to the member.
- Roles: The set of permissions that users can perform with specific resources (such as networks or connections). Roles are owned by Accounts (and inherited by their children). For example, if User A has Role X for Account 1, the user will also have the role for all child accounts of Account 1.
An Account represents a company or billing unit in your organization. You can create multiple accounts and sub-accounts. Your primary account is the first account you join or the account you created when you originally signed up for Pureport service. If your role permits, you may also create child accounts. Child accounts provide a convenient way to segregate and manage your different business units (eg: finance, marketing, etc) or to manage networks on you customers' behalf.
New top-level or parent accounts may be created by signing up for a new account from the Pureport console. Child accounts can be created from within an existing account. When you create a child account, it inherits the billing information of the parent account. You may override the billing settings on a per-account basis.
Creating child accounts
To create a child account (sub-account):
- Select Child Accounts in the left navigation menu.
- On the Child Accounts page, click + Add New Child Account (in the top-right of the page).
- In the New Account page, enter a meaningful Name and Description.
- Click Save. The system creates and displays the newly created Child Account.
Members (and Users)
Each user can be a member of multiple accounts. Their access is defined by the Roles granted to each Member of each Account.
- Select Members in the left navigation menu.
- On the Members page, select Invite a new user.Note: The Members page lists all current members.
- In the Invite a user page, enter the Email of the user to invite and select a Role for the member.
- Click Invite.
- If the user (email) already exists, the user is added as a new Member to the Account. The user can continue to use their same login credentials for both accounts.
- If the user (email) does not exist, an email is sent to them inviting them to create a user profile and joint the account.
To delete a Member:
- From a single Account: Simply remove the Member from the Account. This removes the user only from the selected Account. If the user is a Member of other Accounts, that access remains.
- From all Accounts: There is no way to automatically remove a user from all accounts they are tied to. You may manually Member from each account they are associated with. You may also open a support case for assistance in ensuring the user has been completely removed from all accounts you are authorized for.
Use Roles to define access control to grant Members specific permission within a given Account. Members can have different roles in different accounts. For example Member A could be an Administrator in Account 1 but have read-only access in Account 2. Roles you create can be assigned to other Members or API keys.
The Pureport Console allows you to configure of Role Based Access Controls for both API keys and Members (users).
The Admin role is a special, predefined role that has full permissions to perform all actions on all resources owned by the Account (and all child accounts). You can create additional roles in order to grant more specific and limited access to certain Members and API keys.
A role defines what permissions are granted ans what actions can be performed against a given set of resources that are owned by the Account.
These permissions include:
- All: Full control to read, create, update, and delete configuration resources
- Read: Read-only access to existing configuration resources
- Create: Create configuration resources
- Update: Modify existing configuration resources
- Delete: Delete existing configuration resources
You can use Roles to grant or limit access to resources, such as:
- All: All resource types
- Networks: Network resources, including networks and connections
- Roles: Create and modify roles
- Members: Members (user accounts)
- Accounts: Account and sub-account
- Billing: Billing information
To create a new Role:
- Select Roles in the left navigation menu.
- On the Roles page, select + Add New Role (in the top-right of the page).
- In the New Role page, enter a meaningful Name and Description.
- Select the combination of permissions that should be granted to users and/or API keys assigned to the new Role.
Note: Selecting All Resources will grant access to all resources owned by the Account.
- Click Save to save the newly created role.