Permissions Reference

Generally, there are four possible permission actions

  • Read─agent can view an existing resource
  • Edit─agent can edit or update an existing resource
  • Create─agent can create new resources
  • Delete─an agent can delete existing resources

Some resources have limited actions. For example, entity list can be only read. The list cannot be created, deleted, or edited.

Occasionally, a resource has extra permissions. For example, SARs have the submit permission.

Basic Account Settings

Basic Description URL Permission
Can view permissions Ability to view your permissions agents/:id/permissions read:permissions
Can edit permissions Ability to edit your permissions agents/:id/permissions edit:permissions
Can edit account settings Ability to edit your account settings /settings edit:account_settings
Can edit agent notification settings Ability to edit your notification settings /settings/notifications edit:notification_settings
Can edit media storage source Ability to edit your notification settings /settings/integrations
/alerts/:id/documents
edit:storage

Agent and Team Permissions

Permissions Description URL Permission
Can view agent and team permissions Ability to view the permissions of a team or an agent /system/agents
/system/teams
read:teams
Can edit agent and team permissions Ability to edit the permissions of a team or an agent /system/agents
/system/teams
edit:teams
Can create agent and team permissions Ability to create new permissions of a team or an agent /system/agents
/system/teams
create:teams

Agent Permissions

Agents Description URL Permission
Can view agents Ability to view existing agents in your organization /system/agents
/agents/:id
read:agents
Can edit agents Ability to create new agents and change agent status /agents
/agents/:id
edit:agents

Alert Component Buttons

Alert Component Buttons Description URL Permission
Can read alert component buttons Ability to view alert component buttons (buttons that resolve flagged transactions in an alert) /system/agents
/alert/:id
read:alert_component_buttons

Alerts

Alerts Description URL Permission
Can view alerts Ability for agent to create new Alerts /alerts
system/system-workflows
system/assignments
read:alerts
Can edit alerts Ability for agents to edit existing Alerts /alerts/:id* edit:alerts
Can create alerts Ability for agents to create new Alerts create:alerts
Can re-assign alerts Ability for agents to assign Alerts to another agent /alerts/admin reassign:alerts
Can re-queue alerts Ability for agents to move Alert to another alert queue /alerts/admin requeue:alerts
Can view alert media Ability for agents to view media associated with alert /alerts/documents read:alert_media
Can delete alert queues Ability for agents to delete a queue /alerts/queues delete:alert_queues

Custom Data Permissions

Custom Data Description URL Permission
Can edit custom data settings Ability to view custom data settings tab /settings/custom-data read:custom_data_settings
Can read custom data settings Ability to add/remove/change custom data settings /settings/custom-data edit:custom_data_settings

Teams Permissions

Teams Description URL Permission
Can view teams Ability to view existing teams of agents /system/teams read:teams
Can edit teams Ability to add/remove agents from a team /system/teams edit:teams
Can create teams Ability to create a team of agents /system/teams create:teams
Can delete teams Ability to delete a team of agents /system/teams delete:teams
Can edit team notification settings Ability to delete a team of agents /system/teams edit:team_notification_settings

Instruments Permissions

Instruments Description URL Permission
Can view instruments Ability for agents to view instruments in the Data Explorer /data-explorer/instruments read:txn_instruments
Can edit instruments Can add tags and comments to instruments
Can whitelist and un-whitelist instruments for rules
/instruments/:id/summary
/instruments/:id/rule-whitelist
edit:txn_instruments

Entities Permissions

Entities Description URL Permision
Can view entity list Ability for users to view entities in the Data Explorer /data-explorer/entities
Can view entity media Ability for users to view the media tab of an entity /entities/:id/media read:entity_media
Can view entities Ability for users to view specific entities /entities/:id/summary read:entities
Can edit entities Ability for users to edit entities /entities/:id edit:entities
Can view link analysis Can view the link analysis tab in the entity details page /entities/:id/link-analysis read:link_analysis
Can edit custom profiles Can edit custom profiles on the entity details page /entities/:id/custom-profile
Can view custom profiles Can view the custom profiles tab on the entity details page /entities/:id/custom-profile

Events Permissions

Explorer Description URL Permission
Can view events Can view events and transactions throughout the dashboard, especially the tabs in the urls data-explorer/transactions
data-explorer/events
read:events
Can edit events Can add tags and comments to events data-explorer/transactions
data-explorer/events
edit:events

Assignments

System Description URL Permission
Can view assignments Can view the assignments page
Can view the file exports page
Can view the 'Admin' tab of alerts
Can see and use the 'Re-Assign' and 'Change Queue' buttons on the alert details page
/system/assignments
/system/file-exports
/alerts/admin
/alerts/:id
read:assignments

Rules Permissions

Rules Description URL Permission
Can view rules Ability for users to view existing Cases /cases read:rules
Can edit rules Ability for users to edit existing Cases /cases/:id edit:rules
Can create rules Ability for users to create new Cases /cases/create create:rules

PII Censorship Permissions

Censorship Description URL Permission
Can read censorship conditions Ability for agents to view the Censorship conditions tab in System /system/censorship read:censorship_conditions
Can delete censorship conditions Ability for agents to delete a Censorship condition /system/censorship delete:censorship_conditions
Can create censorship conditions Ability for agents to create a new Censorship condition /system/censorship create:censorship_conditions
Can edit censorship conditions Ability for agents to edit an existing Censorship condition /system/censorship edit:censorship_conditions

Custom Profiles Permissions

Custom Profiles Description URL Permission
Can read custom profiles Ability for agents to read the Custom Profile tab in the Entity page /entities/:id/custom-profile read:custom_profiles
Can edit custom profiles Ability for agents to change an Entities' custom profile /entities/:id/custom-profile edit:custom_profiles

Cases Permissions

Cases Description URL Permission
Can view cases Ability for agents to view existing Cases /cases read:cases
Can edit cases Ability for agents to edit existing Cases /cases/:id edit:cases
Can create cases Ability for agents to create new Cases /cases/create create:cases

Workflows Permissions

Workflows Description URL Permission
Can view verifications Ability to view existing workflows in Verifications /verifications-workflows read:verifications
Can view verification workflows Can view verification api keys /verifications-workflows read:verification_workflows
Can edit verification workflows Ability to edit an existing workflow in Verifications /verifications-workflows edit:verification_workflows
Can edit verifications configurations Can edit verification api keys settings/verifications edit:verifications_config
Can create verification workflows Ability to create an new workflow in Verifications /verifications-workflows create:verification_workflows
Can delete verification workflows Ability to delete an existing workflow in Verifications /verifications-workflows delete:verification_workflows

SARs Permissions

SARs Description URL Permission
Can view sars Ability for users to see Report Filings page /cases/:id/sar
/filings/
read:sars
Can edit sars Ability for users to edit a SARs filling /filings/sar/:id edit:sars
Can create sars Ability for users to start the SARs filling process /filings/ create:sars
Can edit sars configuration Can view and edit the SAR settings used for pre-population and CAR alerts /settings/sarFilings edit:sars_config
Can submit sars Ability for a user to submit a report to FinCEN /filings/ submit:sars

Matchlist / Blacklist Permissions

Matchlist Description URL Permission
Can view blacklists Can view matchlists /matchlists/* read:blacklists
Can edit blacklists Can edit matchlists /matchlists/:id edit:blacklists
Can create blacklists Can create matchlists /matchlists create:blacklists
Can delete blacklists Can activate and deactivate blacklists /matchlists/:id delete:blacklists

Risk Score Permissions

Risk Score Description URL Permission
Can view risk ratings Ability for agents to view risk scores /risk-scores read:risk_ratings
Can edit risk ratings Ability for agents to edit risk score formulas /risk-scores/:id edit:risk_ratings
Can create risk ratings Ability for agents to create new risk score formulas /risk-scores/create create:risk_ratings

Deadline Permissions

Deadlines Description URL Permission
Can view deadlines configuration Ability to view a Deadline /settings/deadline read:deadlines_config
Can edit deadlines in an article view Allows agents to extend a deadline when they are viewing an Alert or Case /alerts/:id edit:deadlines
Can create deadlines configuration Ability to create a Deadline /settings/deadline create:deadlines_config
Can edit deadlines configuration Ability to edit a Deadline /settings/deadline edit:deadlines_config
Can delete deadlines configuration Allows agents to delete a Deadline /settings/deadline delete:deadlines_config

Dashboard Insights Permissions

Insights Description URL Permission
Can view insights dashboards Ability to view dashboards in Dashboards page /insights/:id read:insights
Can edit insights dashboards Ability to edit existing dashboard from Dashboards /insights/:id edit:dashboards
Can edit insights charts names and description Ability to edit charts from a dashboard in Dashboards /insights/:id edit:charts
Can create insights dashboards Ability to create a new dashboard in Dashboards /insights create:dashboards
Can add new charts to the insights dashboard Ability to add new charts from a dashboard in Dashboards /insights/:id create:charts
Can delete insights dashboards Ability to delete a dashboard from Dashboards /insights/:id delete:dashboards

Sponsor Bank Permissions

Parent Orgs Description URL Permission
Can view child orgs Ability to see orgs that use them as a bank in their dashboard. /child-orgs/list read:child_orgs
Can read collaborated alerts Ability to view alerts on which you are collaborating. /collaborations/internal read:alert_collaboration
Can edit alert collaboration status Ability to decide which alerts can be collaborated on. /collaborations/internal edit:alert_collaboration

API Keys

Settings Description URL Permission
Can view api keys Ability to view developer API keys for Unit21 backend functionality /settings/integrations read:api_keys
Can create api keys Ability to create a new developer API key for Unit21 backend functionality /settings/integrations create:api_keys
Can delete api keys Ability to delete a developer API key for Unit21 backend functionality /settings/integrations delete:api_keys

Datafile Uploads Permissions

DataFile Uploads Description URL Permission
Can view datafile uploads Ability to view datafile uploads tab /data-explorer/upload-file read:datafile_uploads
Can create datafile uploads Ability to add new datafile uploads /data-explorer/upload-file create:datafile_uploads
Can delete datafile uploads Ability to delete datafile uploads /data-explorer/upload-file delete:datafile_uploads

Webhook Permissions

Webhook Description URL Permission
Can view webhooks Can edit workflow buttons
Can edit webhooks
/system/workflows/alert/:id
/system/workflows/case/:id
/system/webhooks/:id
read:webhooks
Can edit webhooks Can edit workflow buttons
Can edit webhooks
/system/workflows/alert/:id
/system/workflows/case/:id
/system/webhooks/:id
edit:webhooks
Can create webhooks Can create workflow buttons
Can create webhooks
/system/workflows/*
/system/webhooks
create:webhooks
Can delete webhooks Can delete workflow buttons
Can delete webhooks
/system/workflows/alert/:id /system/workflows/case/:id
/system/webhooks/:id
delete:webhooks