Security Groups
The CMP
Converged Monetisation Platform. The MDS Global product that supports customer care and billing for digital service providers. Identity Server provides the following security groups to control access to CMP components:
Internal Groups
- Internal/everyone - Every user A person with the capability to log in to the CMP GUI software, such as a customer service advisor or agent. is assigned this role.
- Application groups - The Application roles are internal to WSO2 IS. They are a special case of internal roles, created for a single service provider The owner of the infrastructure in which accounts will be created. The Service Provider can host and operate the instance of CMP, or CMP can be provided as a Managed Service. (SP) application and only users in this role can manage relevant SP application. A Service Provider is an item in the WSO2 IS that defines an external application that uses WSO2. It defines what claims the application has access to, what type of inbound authentication mechanism does it use, etc. A user assigned to such a role can modify a specific Service Provider. The Application roles for CMP are:
Application/agent-view
Application/agent-view-interfaces-layer
Application/configuration-centre
Application/rest-ws
Application/role-extender
Application/sabre-console
Application/soap-ws
AgentView Groups
The following group In the Customer Manager Platform hierarchy, the highest level of the structure. The group level can be used to group corporates. Groups can hold financial information. roles control access to AgentView The graphical user interface of the CMP that is typically used by Customer Service Agents to access CMP customer and billing data. In versions prior to CMP 8.0, this was called the CMP GUI. and BackOffice functionality:
- agent-view-backoffice
- agent-view-consumer-csa
- agent-view-consumer-user
- agent-view-enterprise-admin
- agent-view-enterprise-csa
- agent-view-enterprise-user
- agent-view-manager
For more information, see AgentView Groups and Parent Roles.
Business Configuration Groups
The following groups control grant access to the Business Configuration A module in the CMP Administation console that provides for viewing and modification of business and user applicable system configuration. console and API Application Programming Interface. A set of functions and procedures that allow the creation of applications that access the features or data of another software system, such as an application or operating system. and control what functionality the user can access:
- configuration_centre_read_only
- configuration_centre_admin
- config_centre_admin_user
Batch Server/Batch Jobs Groups
The following group roles grant access to CMP batch jobs and the Administration Console An operations web console that allows batch jobs to be scheduled, run manually and monitored. The console also provides for viewing and modification of business and user applicable system configuration. and control what functionality the user can access:
- sabre_console_admin
- sabre_console_advanced_ops
- sabre_console_basic_ops
- sabre_console_read_only
For more information, see Batch Server and Administration Console Groups and Roles.
Web Service Groups
The following group roles control which services the user can access:
- soap-ws-all
- soap-ws-basic
- soap-ws-billing
- soap-ws-customer
- soap-ws-financial
- soap-ws-order
Users with the Application/rest-ws role have access to the RESTful web services Web services that are based on Representative State Transfer (REST) architecture principles, and are therefore designed to work best on the Internet, being lightweight, maintainable, and scalable. CMP provides RESTful web services to access much of CMP functionality..
For more information, see Web Service Groups and Parent Roles.