1.2.3 Authentication, Permissions and Roles

Authentication

The default authentication mechanism for Thinfinity® Workspace utilizes Windows logon credentials: users authenticate using the same Windows account credentials associated with the host system where Thinfinity Workspace is deployed. The platform also accommodates alternative authentication protocols, including delegated identity providers compliant with industry standards (e.g., OAuth, SAML) and integration with directory service protocols (e.g., LDAP, Active Directory).

Permissions

Permissions determine who has access to what module of Thinfinity Workspace. Also, permissions determine who can access a specific access profile. Permissions can be granted on an individual level for a single user, or for a group of users. Furthermore, permissions can grant access to a single access profile or to several access profiles grouped under a Label.

Roles

Permit the configuration of access control policies and approval workflows by mapping permissions to designated roles. Facilitate the enforcement of access management protocols through the assignment of permissions to predefined roles. In Thinfinity Workspace, roles are utilized to granularly assign permissions pertinent to resource reservation management, including end-user or third-party booking, scheduling, and access authorization for specific users or user groups.