User Group Permissions

Last updated
Save as PDF

The following gives you a breakdown of each section within User Group Permissions and the specific settings in each:

Users: View and add Users to a group.

Web Services Permissions: Manage permissions tied to Web Services access and settings.

2-Step Verification: Enable Multifactor authentication for User Groups as a simple way to add security to your system.

Locations / Cameras: Enable User Group access to specific locations and groups.

Hidden Cameras: Specify any cameras that should be inaccessible.

Layouts Permissions: Manage permissions for shared layout options and groups.

Video Clips Permissions: Manage permissions for video clip exports and manage access to video clips.

General Info: Edit the Name or Descriptions of the User Group, or to delete the group entirely.

NOTE: Available permissions are dependent on licensing tier. See OWS Licensing FAQs for more information.

Users

The first tab is Users, which allows you to add Users to User Groups. It is recommended to set all of the permissions in a User Group first and then add the Users. For more information on adding Users to a User Group, view the instructions in How to Create Users and User Groups.

User Groups Users tab.png

Web Services Permissions

Use the Web Services Permissions tab to enable or disable User Group permissions pertaining to managing Web Services settings for a location, managing other Users and User Group permissions, and alerts and reports. Under Management > User Groups > Web Services Permissions, check the permissions you want to assign to the User Group. Click Save after checking permissions.

Administrative Access

Allow complete access to all Web Services features and Locations registered to the account.

Web Services Permissions Enable Administrative Access.png

User and User Group Management

User and User Group Administrator: Allows user to add, edit, and delete User and User Groups.

Web Services Permissions User and User Group Management.png

Manage Users and User Groups: Allows users to add, modify, and delete Users and User Groups.

Manage Built-In User Groups: Allows user to view, add, and remove other users from the Built-In User Groups.

Manage Auto Include: Allows user to enable or disable the option to automatically include Locations, Location Groups, and Cameras in User Groups.

Manage Access by External IP Address: Allows users to modify the External IP Address settings.

Manage Non-Email User Accounts: Allows users to add, modify, and delete non-email users.

Manage Locations and Location Groups

Location and Location Group Administrator: Grants full access to manage Locations and Location Groups.

Web Services Permissions Manage Location and Location Groups.png

Manage Locations and Location Groups: Allows users to add, modify, and delete devices, Locations, and Location Groups associated to this user group.

Location Arming: Enable Arming and Disarming of Locations.

Manage Devices

Device Administrator: Grants full access to all Manage Devices permissions.

Web Services Permissions Manage Devices.png

Manage System Settings: Allows users to access and modify System Settings, Support Tools, Intrusion, Licensing, Macros, Network Configuration, Spot Monitor, Storage, and System Logs.

Access Power Options: Allows users to access all device power options.

Access Device Reset Options: Allows users to access device reset options.

Manage Camera Settings: Allows users to add and remove recorder-managed cameras, and configure settings for all cameras.

Set PTZ Presets: Allows users to access and manage PTZ presets.

Manage Software Updates: Allows users to perform manual software updates.

Manage Sensor / Relay Settings: Allows users to manage sensor and relay settings.

Alerts

Alert Administrator: Grants full access to all Alerts permissions.

Web Services Permissions Alerts.png

View Alerts: Allows users to view alerts they've been added to, with access limited to alerts for Locations, Location Groups, and cameras added to this user group.

Manage Health Alert Rules: Allows users to modify any health and storage retention alert rules of which they are a member, as well as create new health and storage retention alert rules.

Manage Non-Health Alert Rules: Allows users to modify any non-health alert rules to which they have been added, as well as create new non-health alert rules.

Configure Third Party Integration Access: Allows users to configure alerts to be sent to third party integrations and view the alerts generated by the alert rule using the Web Services SDK.

Configure Alert Rules to Activate Relays: Allows users to configure alerts to activate relays.

Reports

Report Administrator: Grants full access to manage View Reports and Manage Reports permissions.

EU Web Services Permissions Reports.png

View Reports: Allows users to view reports they have been added to, with access limited to reports for Locations, Location Groups, and cameras added to this user group.

Manage Reports: Users are permitted to create and modify reports, with modifying access limited to reports to which they have been added.

Policies

Policies Administrator: Grants full access to manage all policy types.

Web Services Permissions Policies.png

Manage Settings Policies: Allows users to add, edit, and delete settings policies.

Client Access

Full Client Access: Grants full access to all Client Access permissions.

Web Services Permissions Client Access.png

View Live Video: Allows users to view live video from all available clients.

View Recorded Video: Allows users to view recorded video from all available clients.

Listen to Audio: Allows users to enable audio.

Two-Way Audio: Allows users to enable two-way audio.

Camera Controls: Allows users to use the PTZ and autofocus controls.

Activate Relay: Allows users to see and manually activate relays.

Command Station: Allows users to access Locations and devices using the Command Station application.

Push to Client: Alerts can be sent to users logged into Command Station, provided that the 'Push the Client' option is enabled for each user in the alert rule to receive the alerts.

Force Alerts to be Acknowledged: This option forces the alert pane to remain open until all alerts are acknowledged.

View Shared Layouts: Allows users to view shared camera and map layouts.

Manage Shared Layouts: Allows users to add, edit, and delete shared camera and map layouts.

Edit Linked Cameras: Allows users to add, edit, and delete shared camera and map layouts.

Web Browser / Thin Client: Allows users to connect to Web Services and Locations using a web browser.

Local Console: Allows users to login at the local recorder.

Mobile Applications: Allows users to connect to Locations in the Web Services mobile application.

General Permissions

Audit Log: Allows a user to view all log entries on the account from the Audit Log page.

EU General Permissions.png

Restrict Access by External IP Address

Restrict Access by External IP Address: When enabled, Users in this user group will only be able to connect from the external IP Addresses added here.

Web Services Permissions Restrict Access by External IP Address.png

2-Step Verification

Use this tab to enable multifactor authentication. Multifactor or 2-Step Verification is a simple way to add security to your system. Add another layer of protection to your OWS account by enabling 2-Step Verification in your User Group settings. Under Management > User Groups > 2-Step Verification, check the permissions you want to assign to the User Group and then click Save.

Enable 2-Step Verification: Using 2-step verification will help prevent unauthorized Users from accessing an account with just a stolen password. When users sign in using a new device, 2-step verification will require users to enter both their password and a unique code that they receive on their phones.
Force Disable 2-Step Verification Requirement: In some cases, there may be users who are unable to use 2-Step Verification (users who don't have access to a phone, etc.). When this happens, they may need to be exempted from 2-Step Verification.

User Groups 2-Step Verification tab.png

Locations / Cameras

Use the Locations / Cameras tab to add locations or location groups to a User Group. Whatever is chosen will dictate what locations or location groups that Users can view. For some groups, it may be advised to click Enable Auto Include so that any future locations and their devices added are available to the User Group. If this is enabled, view the Hidden Cameras menu below. Under Management > User Groups > Locations / Cameras, add devices accessible to the User Group.

Add Location: Select All or select specific locations from the menu to add to the User Group. Enable Auto Include so that any future locations and their devices added are available to the User Group.

Enable Auto Include Switch.png

Add Location Group: Select All or select specific location groups from the menu to add to the User Group.
Add Camera: Select All or select specific cameras to add to the User Group.

User Groups Locations Cameras tab.png

Adding Locations and Cameras to a User Group

Click Locations / Cameras on the navigation sidebar.
Click Add Location, Add Location Group, or Add Camera.

Add Location button.png Add Location Group button.png Add Camera button.png

Click the Add button next to each device you'd like to be added for the User Group.

Green Plus button.png

NOTE: To add all Locations, Location Groups or Cameras to a User Group, click Select All.

Click Select when finished.

Select button.png

Hidden Cameras

Use this tab and permission setting to restrict access to specific cameras. Users will not be able to see the cameras or any sensor events the cameras are associated to. This permission will override any other camera permissions. Users in this group will be denied access to the cameras even if they are granted access in another user group. You may use this permission if you selected Enable Auto Include in Locations / Cameras (as you’ve provided access to all of the cameras available on all recorders). Under Management > User Groups > Hidden Cameras, add cameras that are inaccessible to the User Group.

Add Hidden Camera: Click Add Hidden Camera and select cameras that will be hidden and inaccessible to the User Group.

Add Camera popup.png

User Groups Hidden Cameras tab.png

Layouts Permissions

This tab allows you to enable or disable Layout Group Management, Shared Layout Options, and Shared Layout Group Permissions.

Layouts Management Options.png

Management

Manage Shared Layout Groups - Allows users to View, Create, and Edit groups within the Group Management page.

Shared Layout Options

View Shared Layouts - Allows users to view all shared layouts saved within the checked groups below.

Manage Shared Layouts - Allows users View, Create, and Edit all layouts in the checked groups below.

Manage Shared Groups - Allows users to Create and Edit groups within the checked groups below.

Shared Layout Group Permissions - When a group is checked, users will have access to all items in the group corresponding to the permissions assigned in Shared Layout Options.

Video Clips Permissions

This page allows you to enable or disable Video Clip Export and Video Clip Management permissions. Under Management > User Groups > Video Clips Permissions, check the permissions you want to assign to the User Group. Click Save after checking permissions.

EU Web Services Permissions Video Clips Permissions.png

Export
- Export Video Locally - Allows exporting of recorded video to a local storage location (USB, Disc, etc.)
- Export Video to Web Services - Allows exporting of recorded video to Web Services.
Management
- View and Download Any Video Clip - Allows viewing and downloading any video clip.
  - Edit Any Video Clip - Allows editing any video clip titles and notes.
  - Delete Any Video Clip - Allows permanently deleting any video clips.
- View and Download Video Clips Added by User - Allows access to view and download video clips added to the account by the user.
  - Edit Your Video Clips - Allows editing your video clip titles and notes.
  - Delete Your Video Clips - Allows permanently deleting your video clips.
- View Clips Shared with User - Allows access to video clips shared directly with the user. Ability to Download clips is controlled at the share level.
- Download Video Clips - Allows access to download video clips the user has permission to view. Allows sharing to other users with Download option.

NOTE: Any new user groups that are created will have to enable the permissions to View Clips Shared with User and Download Video Clips. User groups created previous to July 17, 2024 will have these Permissions enabled by default.

NOTE: If a user doesn't have permission to download video clips, guest users they share video clips with will also be unable to download video clips.

Limit Access to Locations in this User Group - Access to video clips is only granted if the location is listed in this User Group.
Sharing
- Share Video Clips - Allows sharing of video clips to users who have a full Web Services accounts.
  - Share with New Guest Accounts - Video clips can be shared with users who do not have Web Services accounts. Users without accounts will be given guest accounts.