Security, Release Notes, Features

Introducing Role-Based Access Control

Maarten Verwaest
February 24, 2018

Ghent, February 24th 2018 – Limecraft introduced fine grained Role-Based Access Control (RBAC) to help you better managing digital media production workflows.

What Exactly did we Change?

As a first key element of this new update, you’ll appreciate an extended and more fine-grained range of permissions. It allows you to define a more precise security perimeter. Based on valuable feedback we got from our users, we replaced the original course-grained set of 5 with 15 new permissions.
So, for example, you can now grant a user permission to add or edit material in your production without the ability to delete material.
Limecraft offers Role-Based Access Control (RBAC), giving fine-grained access control to Account Admins and Workspace Admins.
A second major improvement lies in the introduction of roles. You define a role by giving it a name and a description, and by selecting the permissions the role should have.
Limecraft screenshot illustrating how you can create a new role as part of the Role-Based Access Control (RBAC) mechanism.

Next, when inviting a batch of users, you just give than the most suitable role in that particular production. As each user has exactly one role in a production, so it is really easy to manage who can access and execute what in your production.
Limecraft screenshot illustrating how you can invite team members with a specific role as part of the Role-Based Access Control (RBAC) mechanism.

Why we Modified the Way you Manage Access Permissions

It is often a shared and collaborative effort, in which several companies participate. So we looked for the best possible way to support such an approach and we redesigned the way you manage your account and the authorisations that go along with it. It is now easier than ever to add new users and your project is less prone to errors because you have a better overview of all access permissions granted.

The key objectives for redesigning the access permissions system were to offer you improved usability and increased security.

Limecraft screenshot illustrating how you can manage the team members of a workspace, and invite new people as part of your team.
Because you now grant permissions by creating roles and by giving users a specific role per production, managing large projects with several tens of people accessing it is now easier and more solid than before. It is faster to invite multiple people at the same time, your existing user base is much easier to manage. As a side-effect, we’ve found that granted permissions are set now more appropriate, thereby increasing the overall level of security.

Frequently Asked Questions

  • Our company is using Active Directory to manage users and their access permissions. Is Limecraft compatible with Active Directory?
    Yes, we are. Yet, integration with Active Directory or similar requires additional customisation of the setup.
    💡See this article on our Knowledge Base on Single Sign On
  • Creating roles sounds like additional work. Do I have to?
    No. By default, a few standard roles are available in each production. For example, a Production Administrator can do everything, and a Production Member can do everything except for changing production settings. If you want to avoid the administrative burden of managing roles, you can use the standard setup.
  • If a user has Edit Team permission but not Delete Clips permission, can he invite a user with that permission?
    No. A user with the Edit Team permission can only give permissions he has himself.

We warmly welcome any feedback or questions via support@limecraft.com or you can leave some comments below.