Permissions
Overview
The permissions menu allows you to configure the permissions for the access to the RADIUSaaS web portal.
RADIUSaaS leverages Microsoft Entra ID (Azure AD) as an identity provider for the logon-authentication to the admin portal. It does not store or manage its own administrator identities. The authentication is delegated to the corresponding Microsoft Entra ID (Azure AD) tenant of the provided UPN.
Therefore administrators enjoy the comfort of working with their own Microsoft Entra ID (Azure AD) accounts and do not have to setup additional accounts.
Please enter Microsoft Entra ID (Azure AD) UPNs in the provided fields and separate them with comma and space.
Example:
The wildcard "*" is also supported, and may be used to allow all users from a certain domain.
Example:
Roles
Administrators
Microsoft Entra ID (Azure AD) UPNs entered in this field have permission to access the RADIUSaaS admin portal. Permissions include:
See the dashboard and logging
See and change users
See and change settings including permissions
Viewers
Users can see everything but are not able to make any changes
Users
Users can access the Users portal, where they are able to create Users for them or their guests
Permissions consent
Users who log in to the RADIUSaaS web portal for the first time must grant RADIUSaaS permissions in their Microsoft tenant.
RADIUSaaS requires 2 permissions:
View your basic profile
Maintain access to data you have given it access to
There are two alternative ways to provide consent:
User consent Each user accepts the consent upon first login to the portal.
Admin consent An administrator can consent on behalf of the organization for all users.
User consent
If no consent has been given on behalf of the organization before by an admin, a user will see a permission request dialogue. This is a screenshot of the consent request, when logging in the first time:
Users can review or revoke this consent in Microsoft MyApps: https://myapps.microsoft.com
Administrators can review & revoke user consents in the Azure Portal (Enterprise Applications => RADIUSaaS):
Admin consent
Rather than requiring consent from each user, administrators can grant consent for all users on behalf of the organization, when logging in the RADIUSaaS web portal for the first time:
Alternatively administrators can grant the consent on behalf of the organization in the Azure portal (Enterprise Applications => RADIUSaaS). In Azure Portal, administrators can also review or revoke the consent:
Last updated