Permissions

Permissions allow you to provide granular access to the system. For example,
you might have two groups, "System" and "Investigators."
Through permissions, you could limit these two groups to only the appropriate level of access:

For example, you could limit:

  • the Systems team to only systems-level actions, like creating teams and webhooks.
  • the Investigators to only financial investigation data, like Rules, Cases, Alerts, and SARs

In this example, each group has access to only the data that is necessary to their job.

You can configure permissions for teams or individual agents

There are two ways to configure permissions: on the team-level, and on the agent-level.

  • For team-level permissions, every agent on the team has the same permissions.
  • Agent-level permissions provide permissions for only a single agent. It's also possible to use agent-level permissions to add unique permissions to a team member.

Team level permissions are preferred

In most cases, Unit21 recommends using team permissions.

Team-level permissions reduce manual labor and make changes much less error prone. It is easy to extend or limit a teams permissions, rather changing many accounts, you only need to change the team account.

Furthermore, team permissions let you create a standard set of custom roles.

Alert Permissions

16001600 16001600

ALERTS

Alerts

|__

My Alerts
/alerts/my-alerts

Read:Alerts

|__

Get More Alert button

Read:Alerts

|__

Alert Detail page

Read:Alerts
Read:Alert_Media
Read:Txn_Instruments
Read:Events

|__

Export

Read:Alerts

|__

Attachments / Add files

Edit:Alerts

|__

Re-Assign

Edit:Alerts

|__

Change Queue

Edit:Alerts

|__

Alert Component button

Read:Alert_Component_Buttons

|__

Edit Deadline

Edit:Deadlines

|__

Queues
/alert-queues

Read:Alerts
Read:Assignments

|__

Create a New Queue button

Edit:Alerts

|__

Edit Queue
/alerts/queues/:id

Requeue:Alerts

|__

Delete Queue

Delete:Alert_Queues

|__

Admin
/alerts/admin

Read:Alerts
Read:Assignments

|__

Bulk Actions

Reassign:Alerts

|__

  • Create Alert button
    /alerts/create

Create:Alerts

|__

Collaboration
/alerts/collaborations

|__

Internal
/alerts/collaborations/internal

|__

External
/alerts/collaborations/external

Case Permissions

16001600

CASES

Cases
/cases

|__

My Cases
/cases/my-cases

Read:Cases

|__

Case Detail page
/cases/:id

Edit:Cases

|__

Edit Deadline

Edit:Deadlines

|__

Admin
/cases/admin

Read:Cases
Read:Assignments

|__

  • Create case button
    /cases/create-case

Create:Cases

|__

Collaboration
/cases/collaborations

Read:Cases
Read:Case_Collaboration

|__

Internal
/cases/collaborations/internal

Read:Cases
Read:Case_Collaboration

|__

External
/cases/collaborations/external

Read:Cases
Read:Case_Collaboration

SAR / STR / Report Permissions

16001600

REPORT FILINGS

Report Filings
/filings

|__

FinCEN SAR
/filings/sars
/filings/sar

Read:Sars

|__

SAR Detail page
/filings/sar/:id

Edit:Sars
Read:Sars_Config
Submit:Sars

|__

Archive button

Delete:Sars

|__

  • Create FinCEN SAR button

Create:Sars

|__

goAML STR
/filings/go-aml

Read:Sars

|__

STR Detail page
/filings/go-aml/:id/edit

Edit:Sars
Read:Sars_Config
Submit:Sars

|__

Archive button

Delete:Sars

|__

  • Create goAML STR button
    /filings/go-aml/create

Create:Sars

Data Explorer Permissions

16001600 16001600 16001600 16001600 16001600 16001600 16001600

DATA EXPLORER

PERMISSION NEEDED

Data Explorer
/data-explorer

Read:Entities

|__

Entities
/data-explorer/entities

Read:Entities

|__

Entity Details

Read:Entities

|__

Entity Details Summary
/entities/:id

|__

Start Verification

Read:Verification

|__

Create Case

Read:Cases

|__

Tags and Comments

Edit:Entities

|__

Transactions

Read:Events

|__

Events

Read:Events

|__

Devices

Read:Devices

|__

Link Analysis
/link-investigation

Read:Link_Analysis

|__

Risk

Read:Risk_Ratings

|__

Custom Profile

Read:Custom_Profiles
Edit:Custom_Profiles

|__

Entity Risk Page

Read:Risk_Ratings

|__

Alerts

Read:Alerts

|__

Cases

Read:Cases

|__

Risk Ratings

Read:Risk_Ratings

|__

SAR

Read:SAR

|__

Entity Attachements

Read:Entity_Media

|__

Entity Txn Instruments Page

Read:Txn_Instruments

|__

Entity Verification Page

Read:Verification

|__

Whitelisted Rules List

Edit:Entities

|__

Custom Profile

Read:Custom_Profiles

|__

Form

Edit:Custom_Profiles

|__

Network Analysis Summary

Read:Link_Analysis

|__

Entity Activity Analysis

Read:Events*

|__

Link Analysis Summary

Read:Link_Analysis

|__

Instruments
/data-explorer/instruments

Read:Txn_Instruments

|__

Txn Instrument Summary
/instruments/:id

|__

Tags and Comments

Edit:Txn_Instruments

|__

Whitelisted Rules List

|__

Devices
/data-explorer/devices

Read:Devices

|__

Device Summary
/devices/:id

|__

Tags and Comments

Edit:Devices

|__

Geolocation

|__

Entities

|__

Action Events Table

|__

Transactions
/data-explorer/transactions

Read:Transaction_Events

|__

Sidebar Transaction

Transaction Detail Page
/data-explorer/transactions/:id

|__

Can open entity summary

|__

Can open instrument summary

|__

Actions
/data-explorer/events

Read:Action_Events

|__

Action Event Model

|__

Upload File
/data-explorer/upload-file

Read:DataFile_Uploads
Create:DataFile_Uploads
Delete:DataFile_Uploads

Rule + Detection Modeling Permissions

16001600

DETECTION MODELING

Detection Modeling
/detection-models

Read:Rules

|__

Rules
/detection-models/:id

Edit:Rules

|__

Create a Rule
/detection-models/create

Create:Rules

Matchlist Permissions

16001600

MATCHLISTS

Matchlists
/matchlists

|__

  • Create Matchlist button

Create:Blacklists

|__

Matchlist Detail page
/matchlists/:id

Edit:Blacklists
Delete:Blacklists

Verifications Permissions

16001600

VERIFICATIONS

Verifications
/verifications

|__

Create workflow
/verifications/workflows/create

|__

Verification workflows
/verifications-workflows

Read:Verification_Workflows
Edit:Verification_Workflows
Create:Verification_Workflows
Delete:Verification_Workflows

|__

Verification workflow
/verifications/workflows/:id

|__

Entity verification

Edit:Verifications_Config

System and Profile Permissions

16001600 16001600 16001600 16001600

SYSTEM

System
/system

|__

Agents
/system/agents

Read:Agents
Edit:Agents

|__

Agent detail page
/agents/:id

|__

Teams
/system/teams

Read:Teams
Edit:Teams
Create:Teams
Delete:Teams

|__

Team detail page
/teams/:id

|__

Webhooks
/system/webhooks

Read:Webhooks

|__

Webhook detail page
/webhooks/:id

|__

  • Create webhook button

Edit:Webhooks
Create:Webhooks
Delete:Webhooks

|__

Workflows
/system/workflows

|__

Tabs
/system/workflows/:tab/:id

|__

File exports
/system/file-exports

Read:Assignments

|__

Censorship
/system/censorship

Read:Censorship_Conditions
Edit:Censorship_Conditions
Create:Censorship_Conditions
Delete:Censorship_Conditions

|__

Tags
/tags-edit

PROFILE

Profile
/agents/:id

|__

Permissions
/agents/:id/permissions

Read:Permissions
Edit:Permissions

|__

Notifications
/agents/:id/notifications

|__

Display settings
/agents/:id/display-settings

16001600

Settings Permissions

16001600 16001600 16001600 16001600

SETTINGS

Settings
/settings

Edit:Account_Settings

|__

Account
/settings/account

|__

Notifications
/settings/notifications

Edit:Notification_Settings

|__

Integrations
/settings/integrations

Read:API_Keys
Create:API_Keys
Delete:API_Keys

|__

Deadlines
/settings/deadline

Read:Deadlines_Config
Edit:Deadlines_Config
Create:Deadlines_Config
Delete:Deadlines_Config

|__

Report Filings
/settings/filings

|__

Verifications
/settings/verifications

|__

Interface
/settings/interface

Edit:Storage

|__

Custom data
/settings/custom-data

Read:Custom_Data
Edit:Custom_Data

Dashboards Insights Permissions

16001600

DASHBOARDS

Dashboards (Insights)
/dashboards

Read:Insights

|__

View Dashboard
/dashboards/:id

|__

Dashboard Options

Create:Dashboards
Edit:Dashboards
Delete:Dashboards

|__

Chart ... menu

Edit:Charts

|__

  • Add Charts button

Create:Charts

Parent - Child Org Permissions

16001600

CHILD ORGS

Child orgs
/child-orgs/list

Read:Child_Orgs

View child/parent org alert and case permissions in their specific sections.


Did this page help you?