/
Gateway Authorization

Gateway Authorization

The Authorization feature is used to configure which Active Directory and Windows accounts can access the Gateway, and what Gateway features are available to that account.

The Authorization UI uses a common layout with a list of Roles on the left side, and the configuration of the selected role on the right.

There is an immutable role ‘Administrators’ which uses settings from the Configuration Wizard. Additional roles can be added in this UI (Maps to (additional)), however, you must run the Configuration Wizard to change the accounts originally entered there.

image-20250827-223941.png
Immutable Administrators Role

Let’s create a new role which has limited privileges and map it to the user account Limited (an account created for this tutorial).

  1. Click the Add Role button

  2. Enter the name for the role, and the name of the (Windows or AD) user or group it will map to.

image-20250827-224635.png

  1. Use the Default Role drop-down to preset some of the permissions. Select the Read Only option. This drop-down is a shortcut which will check and uncheck permissions based on some defaults. You can skip this step and check each permission you wish to include in this role.

  2. Scroll down the list of permissions to view which items have been checked.

image-20250827-225040.png
The default Read Only role only checks 3 permissions: Start, Stop, Pause, Query, and View Message.

  1. Click the Save button followed by the Refresh Button.

image-20250827-225336.png

The Authorization information cache is only updated every 5 minutes, unless explicitly clicking the refresh button.

  1. Right-click the Gateway icon in the Windows toolbar, then Shift + Right-Click on the Gateway menu item and choose the option to launch the UI as a different user.

image-20250827-225659.png

  1. Enter the credentials for this user and click OK.

image-20250827-225757.png

A new copy of the Gateway management application should launch. Check the title bar to see the active user.

image-20250827-225954.png
User Limited is shown at the top of the window.

Navigating around the UI, the vast majority of features are read-only. The only active features are the ability to query the queue and view message content.

Permissions

Gateway defines a large set of permissions, and these can be added or removed from the currently selected role by setting the corresponding checkbox.

image-20250827-230550.png

Groups & Remote Agents

Roles can be restricted to subsets of remote agents based on Group. When a role doesn’t have access to a remote agent, it will not be displayed in the UI.

image-20251006-183954.png

Tip

You can view each connected users authorization mapping by right-clicking on the user and selecting the View Permission Info option.

image-20250827-231657.png

 

Custom Devices / Plugins can define their own permissions which are surfaced on the Authorization UI. Get in touch with Conevity for more information on this topic.