Permissions

Permissions allow you to provide granular access to the system. For example,
you might have two groups, "System" and "Investigators."
Through permissions, you could limit these two groups to only the appropriate level of access:

For example, you could limit:

the Systems team to only systems-level actions, like creating teams and webhooks.
the Investigators to only financial investigation data, like Rules, Cases, Alerts, and SARs

In this example, each group has access to only the data that is necessary to their job.

You can configure permissions for teams or individual agents

There are two ways to configure permissions: on the team-level, and on the agent-level.

For team-level permissions, every agent on the team has the same permissions.
Agent-level permissions provide permissions for only a single agent. It's also possible to use agent-level permissions to add unique permissions to a team member.

Team level permissions are preferred

In most cases, Unit21 recommends using team permissions.

Team-level permissions reduce manual labor and make changes much less error prone. It is easy to extend or limit a teams permissions, rather changing many accounts, you only need to change the team account.

Furthermore, team permissions let you create a standard set of custom roles.

Alert Permissions

ALERTS
Alerts
\|__	My Alerts `/alerts/my-alerts`			`Read:Alerts`
	\|__	Get More Alert button		`Read:Alerts`
	\|__	Alert Detail page		`Read:Alerts` `Read:Alert_Media` `Read:Txn_Instruments` `Read:Events`
		\|__	Export	`Read:Alerts`
		\|__	Attachments / Add files	`Edit:Alerts`
		\|__	Re-Assign	`Edit:Alerts`
		\|__	Change Queue	`Edit:Alerts`
		\|__	Alert Component button	`Read:Alert_Component_Buttons`
		\|__	Edit Deadline	`Edit:Deadlines`
\|__	Queues `/alert-queues`			`Read:Alerts` `Read:Assignments`
	\|__	Create a New Queue button		`Edit:Alerts`
	\|__	Edit Queue `/alerts/queues/:id`		`Requeue:Alerts`
	\|__	Delete Queue		`Delete:Alert_Queues`
\|__	Admin `/alerts/admin`			`Read:Alerts` `Read:Assignments`
	\|__	Bulk Actions		`Reassign:Alerts`
\|__	Create Alert button `/alerts/create`			`Create:Alerts`
\|__	Collaboration `/alerts/collaborations`
	\|__	Internal `/alerts/collaborations/internal`
	\|__	External `/alerts/collaborations/external`

Case Permissions

CASES
Cases `/cases`
\|__	My Cases `/cases/my-cases`			`Read:Cases`
	\|__	Case Detail page `/cases/:id`		`Edit:Cases`
		\|__	Edit Deadline	`Edit:Deadlines`
\|__	Admin `/cases/admin`			`Read:Cases` `Read:Assignments`
\|__	Create case button `/cases/create-case`			`Create:Cases`
\|__	Collaboration `/cases/collaborations`			`Read:Cases` `Read:Case_Collaboration`
	\|__	Internal `/cases/collaborations/internal`		`Read:Cases` `Read:Case_Collaboration`
	\|__	External `/cases/collaborations/external`		`Read:Cases` `Read:Case_Collaboration`

SAR / STR / Report Permissions

REPORT FILINGS
Report Filings `/filings`
\|__	FinCEN SAR `/filings/sars` `/filings/sar`		`Read:Sars`
	\|__	SAR Detail page `/filings/sar/:id`	`Edit:Sars` `Read:Sars_Config` `Submit:Sars`
	\|__	Archive button	`Delete:Sars`
\|__	Create FinCEN SAR button		`Create:Sars`
\|__	goAML STR `/filings/go-aml`		`Read:Sars`
	\|__	STR Detail page `/filings/go-aml/:id/edit`	`Edit:Sars` `Read:Sars_Config` `Submit:Sars`
	\|__	Archive button	`Delete:Sars`
\|__	Create goAML STR button `/filings/go-aml/create`		`Create:Sars`

Data Explorer Permissions

DATA EXPLORER				PERMISSION NEEDED
Data Explorer `/data-explorer`				`Read:Entities`
\|__	Entities `/data-explorer/entities`			`Read:Entities`
	\|__	Entity Details		`Read:Entities`
		\|__	Entity Details Summary `/entities/:id`
		\|__	Start Verification	`Read:Verification`
		\|__	Create Case	`Read:Cases`
		\|__	Tags and Comments	`Edit:Entities`
		\|__	Transactions	`Read:Events`
		\|__	Events	`Read:Events`
		\|__	Devices	`Read:Devices`
		\|__	Link Analysis `/link-investigation`	`Read:Link_Analysis`
		\|__	Risk	`Read:Risk_Ratings`
		\|__	Custom Profile	`Read:Custom_Profiles` `Edit:Custom_Profiles`
	\|__	Entity Risk Page		`Read:Risk_Ratings`
		\|__	Alerts	`Read:Alerts`
		\|__	Cases	`Read:Cases`
		\|__	Risk Ratings	`Read:Risk_Ratings`
		\|__	SAR	`Read:SAR`
	\|__	Entity Attachements		`Read:Entity_Media`
	\|__	Entity Txn Instruments Page		`Read:Txn_Instruments`
	\|__	Entity Verification Page		`Read:Verification`
	\|__	Whitelisted Rules List		`Edit:Entities`
	\|__	Custom Profile		`Read:Custom_Profiles`
		\|__	Form	`Edit:Custom_Profiles`
	\|__	Network Analysis Summary		`Read:Link_Analysis`
	\|__	Entity Activity Analysis		`Read:Events`*
	\|__	Link Analysis Summary		`Read:Link_Analysis`
\|__	Instruments `/data-explorer/instruments`			`Read:Txn_Instruments`
	\|__	Txn Instrument Summary `/instruments/:id`
		\|__	Tags and Comments	`Edit:Txn_Instruments`
	\|__	Whitelisted Rules List
\|__	Devices `/data-explorer/devices`			`Read:Devices`
	\|__	Device Summary `/devices/:id`
		\|__	Tags and Comments	`Edit:Devices`
		\|__	Geolocation
		\|__	Entities
		\|__	Action Events Table
\|__	Transactions `/data-explorer/transactions`			`Read:Transaction_Events`
	\|__	Sidebar Transaction
		Transaction Detail Page `/data-explorer/transactions/:id`
		\|__	Can open entity summary
		\|__	Can open instrument summary
\|__	Actions `/data-explorer/events`			`Read:Action_Events`
	\|__	Action Event Model
\|__	Upload File `/data-explorer/upload-file`			`Read:DataFile_Uploads` `Create:DataFile_Uploads` `Delete:DataFile_Uploads`

Rule + Detection Modeling Permissions

DETECTION MODELING
Detection Modeling `/detection-models`		`Read:Rules`
\|__	Rules `/detection-models/:id`	`Edit:Rules`
\|__	Create a Rule `/detection-models/create`	`Create:Rules`

Matchlist Permissions

MATCHLISTS
Matchlists `/matchlists`
\|__	Create Matchlist button	`Create:Blacklists`
\|__	Matchlist Detail page `/matchlists/:id`	`Edit:Blacklists` `Delete:Blacklists`

Risk Score / Rating Permissions

RISK SCORES
Risk Scores `risk-scores`		`Read:Risk_Ratings`
\|__	Edit button `/risk-scores/:id`	`Edit:Risk_Ratings`
\|__	Create New Risk Score button `/risk-scores/create`	`Create:Risk_Ratings`

Verifications Permissions

VERIFICATIONS
Verifications `/verifications`
\|__	Create workflow `/verifications/workflows/create`
\|__	Verification workflows `/verifications-workflows`		`Read:Verification_Workflows` `Edit:Verification_Workflows` `Create:Verification_Workflows` `Delete:Verification_Workflows`
	\|__	Verification workflow `/verifications/workflows/:id`
\|__	Entity verification		`Edit:Verifications_Config`

System and Profile Permissions

SYSTEM
System `/system`
\|__	Agents `/system/agents`		`Read:Agents` `Edit:Agents`
	\|__	Agent detail page `/agents/:id`
\|__	Teams `/system/teams`		`Read:Teams` `Edit:Teams` `Create:Teams` `Delete:Teams`
	\|__	Team detail page `/teams/:id`
\|__	Webhooks `/system/webhooks`		`Read:Webhooks`
	\|__	Webhook detail page `/webhooks/:id`
	\|__	Create webhook button	`Edit:Webhooks` `Create:Webhooks` `Delete:Webhooks`
\|__	Workflows `/system/workflows`
	\|__	Tabs `/system/workflows/:tab/:id`
\|__	File exports `/system/file-exports`		`Read:Assignments`
\|__	Censorship `/system/censorship`		`Read:Censorship_Conditions` `Edit:Censorship_Conditions` `Create:Censorship_Conditions` `Delete:Censorship_Conditions`
\|__	Tags `/tags-edit`

PROFILE
Profile `/agents/:id`
\|__	Permissions `/agents/:id/permissions`	`Read:Permissions` `Edit:Permissions`
\|__	Notifications `/agents/:id/notifications`
\|__	Display settings `/agents/:id/display-settings`

Settings Permissions

SETTINGS
Settings `/settings`		`Edit:Account_Settings`
\|__	Account `/settings/account`
\|__	Notifications `/settings/notifications`	`Edit:Notification_Settings`
\|__	Integrations `/settings/integrations`	`Read:API_Keys` `Create:API_Keys` `Delete:API_Keys`
\|__	Deadlines `/settings/deadline`	`Read:Deadlines_Config` `Edit:Deadlines_Config` `Create:Deadlines_Config` `Delete:Deadlines_Config`
\|__	Report Filings `/settings/filings`
\|__	Verifications `/settings/verifications`
\|__	Interface `/settings/interface`	`Edit:Storage`
\|__	Custom data `/settings/custom-data`	`Read:Custom_Data` `Edit:Custom_Data`

Dashboards Insights Permissions

DASHBOARDS
Dashboards (Insights) `/dashboards`		`Read:Insights`
\|__	View Dashboard `/dashboards/:id`
\|__	Dashboard Options	`Create:Dashboards` `Edit:Dashboards` `Delete:Dashboards`
\|__	Chart ... menu	`Edit:Charts`
\|__	Add Charts button	`Create:Charts`

Parent - Child Org Permissions

CHILD ORGS
Child orgs `/child-orgs/list`				`Read:Child_Orgs`

View child/parent org alert and case permissions in their specific sections.