
Permission groups that bundle web-interface access and granular API rights, and can be mapped from an external identity provider.
| Option | Description |
|---|---|
| ADD GROUP + | Add a new group. |
Permissions are assigned with the checkbox groups below. A :write right automatically also grants the matching :read right. External identity-provider groups can be mapped to this group via the Group mappings inline section (used with SAML/LDAP).
Permissions
Each permission group below is a set of checkboxes. Tick the rights this group should grant.
Access to view/use the web interface
If no web: permission is granted, the user can only use the API for the selected read/write permissions. Access to each data type/API needs to be assigned separately.
| Permission | Grants |
|---|---|
web:all | Access to all web interfaces. |
web:core | Access to Mividas Core web interface. |
web:insight | Access to Mividas Insight web interface. 1 |
web:rooms | Access to Mividas Rooms web interface. |
- To view the Mividas Insight web interface, the user must also have admin rights.
Global rights
A :write right automatically gives the corresponding :read right.
| Permission | Grants |
|---|---|
admin:all:read | Full read-access to all data and admin settings. |
admin:all:write | Full access to read and change all data and admin settings. |
api:all:read | Read all data except admin settings. |
api:all:write | Write all data except admin settings. |
customers:all | Access to all customers/tenants. |
Administrator rights for individual products
A :write right automatically gives the corresponding :read right.
| Permission | Grants |
|---|---|
admin:core:read | Read access to all data, both for users and administrators, for Mividas Core only. |
admin:core:write | Write access to all data, both for users and administrators, for Mividas Core only. |
admin:rooms:read | Read access to all data, both for users and administrators, for Mividas Rooms only. |
admin:rooms:write | Write access to all data, both for users and administrators, for Mividas Rooms only. |
Granular API rights – Core
A :write right automatically gives the corresponding :read right.
| Permission | Grants |
|---|---|
calls:read | Read calls and participants. |
calls:write | Create/Update/Delete calls and participants. |
cospaces:read | Read meeting rooms. |
cospaces:write | Create/Update/Delete meeting rooms. |
meetings:read | Read scheduled meetings. 1 |
meetings:write | Create/Update/Delete scheduled meetings. 1 |
messages:read | Read invitation messages. 2 |
messages:write | Create/Update/Delete invitation messages. 2 |
monitoring:core:read | Read core monitoring. |
monitoring:core:write | Write core monitoring. |
organization:read | Read Org. unit. 2 |
organization:write | Create/update Org. unit. 2 |
users:read | Read users. |
- These permissions require the corresponding permissions in Mividas Rooms, so that will be automatically checked upon saving. When removing the permission, it must be removed in both places.
- Since these permissions also require that you are an administrator, and when you have administrator rights they are automatically shown, this only affects API usage.
Detailed API rights – Rooms
A :write right automatically gives the corresponding :read right.
| Permission | Grants |
|---|---|
addressbooks:read | Read address books. |
addressbooks:write | Create/Update/Delete Address Books. |
endpoints:read | Read endpoints. |
endpoints:write | Create/Update/Delete endpoints and provisioning settings. |
firmwares:read | Read firmware. |
firmwares:write | Create/Update/Delete firmware. |
macros:read | Read macros and room controls. |
macros:write | Create/Update/Delete Macros and Room Controls. |
meetings:read | Read scheduled meetings. 1 |
meetings:write | Create/Update/Delete scheduled meetings. 1 |
monitoring:rooms:read | Read room monitoring. |
monitoring:rooms:write | Write room monitoring. |
organization:read | Read Org. unit. 2 |
organization:write | Create/update Org. unit. 2 |
sensors:read | Read sensor data. |
- These permissions require the corresponding permissions in Mividas Core, so that will be automatically checked upon saving. When removing the permission, it must be removed in both places.
- Since these permissions also require that you are an administrator, and when you have administrator rights they are automatically shown, this only affects API usage.
Detailed API rights – Other
A :write right automatically gives the corresponding :read right.
| Permission | Grants |
|---|---|
statistics:calls:export | Export call statistics. |
statistics:calls:read | Reading call statistics. |
statistics:sensors:export | Export sensor data. |
Using the Booking API
Primarily used by integrations.
| Permission | Grants |
|---|---|
book_api:cospaces_change | Allow users to change meeting rooms, using the API. |
book_api:cospaces_create | Allow creation of meeting rooms, using the API. |
book_api:write | Schedule a meeting via the booking API. |
Group mappings

Here you can map external identity-provider groups (SAML/LDAP) so that a user automatically receives the correct permissions upon logging in.
| Option | Description |
|---|---|
| Mapping type | LDAP or SAML. |
| Value | Add the mapping value, e.g. CN=admin-users,OU=Groups,DC=example,DC=com. |
| Clear missing | When enabled, this group is automatically removed from a user at login if their SAML/LDAP login no longer includes the matching value. Checked by default. |
| Delete | Click to delete the group mapping. |
| Add another Group mapping | Add another group mapping. |