/
Authorization

Authorization

The Authorization feature is used to configure which Active Directory and Windows accounts can access Connexion, and what Connexion features are available to that account.

The Authorization UI uses a common layout with a list of Roles on the left side, and the configuration of the selected role on the right.

There is an immutable role ‘Administrators’ which uses settings from the Configuration Wizard. Additional roles can be added in this UI, however, you must run the Configuration Wizard to change the accounts originally entered there.

image-20250827-223941.png
Immutable Administrators Role

Let’s create a new role which has limited privileges and map it to the user account Limited (an account created for this tutorial).

  1. Click the Add Role button

  2. Enter the name for the role, and the name of the (Windows or AD) user or group it will map to.

image-20250827-224635.png

  1. Use the Default Role drop-down to preset some of the permissions. Select the Read Only option. This drop-down is a shortcut which will check and uncheck permissions based on some defaults. You can skip this step and check each permission you wish to include in this role.

  2. Scroll down the list of permissions to view which items have been checked.

image-20250827-225040.png
The default Read Only role only checks 3 permissions: Start, Stop, Pause, Query, and View Message.

  1. Click the Save button followed by the Refresh Button.

image-20250827-225336.png

The Authorization information cache is only updated every 5 minutes, unless explicitly clicking the refresh button.

  1. Right-click the Connexion icon in the Windows toolbar, then Shift + Right-Click on the Connexion menu item and choose the option to launch the UI as a different user.

image-20250827-225659.png

  1. Enter the credentials for this user and click OK.

image-20250827-225757.png

A new copy of the Connexion management application should launch. Check the title bar to see the active user.

image-20250827-225954.png
User Limited is shown at the top of the window.

Navigating around the UI, the vast majority of features are read-only. The only active features are the ability to query the queue and view message content.

Permissions

Connexion defines a large set of permissions, and these can be added or removed from the currently selected role by setting the corresponding checkbox.

image-20250827-230550.png

Tabs & Channels

Roles can be restricted to subsets of channels based on Group, Tab, and channel. When a role doesn’t have access to a channel (or tab or group), those items aren’t displayed in the UI.

image-20250827-231253.png
Restrict access to specific Groups, Tabs, and Channels

Tip

You can view each connected users authorization mapping by right-clicking on the user and selecting the View Permission Info option.

image-20250827-231657.png

 

Custom Devices / Plugins can define their own permissions which are surfaced on the Authorization UI. Get in touch with Conevity for more information on this topic.