Project security and best practices

Hi all,

I am working on a project to monitor multiple sites with roles admin, manager and operator. Each site will have their own users with admin, manager, operator roles. Users from one site should not have access to information from another sites, except for “all sites” users. I am considering two options for the security setup:

Option 1:
IDP: ProjectA
Usersource: ProjectA
Security Level:
Authenticated
|-- Roles
|-- gw_admin
|-- gw_manager
|-- gw_operator
|-- siteA_admin
|-- siteA_manager
|-- siteA_operator
|-- siteB_admin
|-- siteB_manager
|-- siteB_operator

Option 2:
IDP: ProjectA
Usersource: ProjectA
Security Level:
Authenticated
|-- Roles
|-- admin
|-- manager
|-- operator
|-- Sites
|-- allsites
|-- siteA
|-- siteB

What should be the best practices for these type of application? Any suggestions will be appreciated.

Thanks.

Below is an image for a clearer picture
image

1 Like

Were you able to get his working? We have a similar situation.
Duane