When new users are added to the app, they are assigned a specific role that defines the operations they are authorised to perform.

This article will serve as a guide to understanding how roles and permissions work within the platform.

Roles

By default, Wizata offers predefined roles, each designed to support specific operational needs..

For instance, to streamline tasks for engineers and operators, an admin can assign them the Operate User role. This role allows them to interact with existing dashboards, explore data through the Data Explorer, and create their own dashboard components.

The following table summarizes the different permissions for all the default roles available:

Role	Permissions
Admin	Full access to all the modules of the platform and DSAPI. Access to modify user roles assignment, platform settings and integrations.
Designer	User with full access to all the modules of the platform and DSAPI.
Digitizer	Similar to Operate User, with access to Data Hub section to modify common elements like datapoints, twins & labels, and DSAPI access to manipulate datapoints & twins and make queries.
Operate User	Similar to Operate Viewer, with additional access to Data Explorer, creation of personal components and access to DSAPI for pipeline executions.
Operate Viewer	Restricts a user to read-only access on Control Panel section module.
Read-Only	Restricts a user to read-only access on all the platform's main modules and respective operations.

Twins

By default, a user can access all data on the platform with the permissions defined in his roles. But it is possible to restrict him to some subset of data depending on its location and/or process it belongs.

Admins can restrict an user to certain twin by navigating to the User Management > Users, selecting the user and clicking on Bulk Edit

On Twins, select between the available twins from the platform.

Selecting a parent twin will automatically include all its related sub-assets.