- Introduction
- Access control and administration
- Account management
- Accessing capabilities
- Role-based access control (RBAC)
- Access control for group-based project roles (Automation Cloud)
- Managing projects
- Governance
- Quotas
- Licensing
- Frequently asked questions
IXP overview guide
When you assign project roles to groups, the users part of those groups can access any projects the groups are added to. This means the users can view the data within those projects, which might not be appropriate for a large group of users, especially in regulated industries. For more details, check Understanding the data structure and permissions.
As a best practice, when you use single sign-on (SSO), segregate groups at relevant and appropriate access levels. For example, if only a limited set of users should have access to a specific project, create a per-project group to provision access to that project. Otherwise, unauthorized people might access the data.
When using Automation Cloud groups, determine if everyone in the group should have access to the project data. This ensures that you only grant access to the right people and maintain proper data security.
IXP does not automatically grant access to the Default Project folder in Manage Access to all users. The access depends on whether the user is part of an Automation Cloud group. Each default Automation Cloud group is mapped to a corresponding permission set in the Default Project, as described in the following table:
| Automation Cloud group | Default Project role |
|---|---|
| Everyone | IXP Viewer |
| Automation Developers | IXP Developer |
| Administrators | IXP Project Admin |
