Permission groups that bundle web-interface access and granular API rights, and can be mapped from an external identity provider.

OptionDescription
ADD GROUP + Add a new group.

Permissions are assigned with the checkbox groups below. A :write right automatically also grants the matching :read right. External identity-provider groups can be mapped to this group via the Group mappings inline section (used with SAML/LDAP).

Permissions

Each permission group below is a set of checkboxes. Tick the rights this group should grant.

Access to view/use the web interface

If no web: permission is granted, the user can only use the API for the selected read/write permissions. Access to each data type/API needs to be assigned separately.

PermissionGrants
web:allAccess to all web interfaces.
web:coreAccess to Mividas Core web interface.
web:insightAccess to Mividas Insight web interface. 1
web:roomsAccess to Mividas Rooms web interface.
  1. To view the Mividas Insight web interface, the user must also have admin rights.

Global rights

A :write right automatically gives the corresponding :read right.

PermissionGrants
admin:all:readFull read-access to all data and admin settings.
admin:all:writeFull access to read and change all data and admin settings.
api:all:readRead all data except admin settings.
api:all:writeWrite all data except admin settings.
customers:allAccess to all customers/tenants.

Administrator rights for individual products

A :write right automatically gives the corresponding :read right.

PermissionGrants
admin:core:readRead access to all data, both for users and administrators, for Mividas Core only.
admin:core:writeWrite access to all data, both for users and administrators, for Mividas Core only.
admin:rooms:readRead access to all data, both for users and administrators, for Mividas Rooms only.
admin:rooms:writeWrite access to all data, both for users and administrators, for Mividas Rooms only.

Granular API rights – Core

A :write right automatically gives the corresponding :read right.

PermissionGrants
calls:readRead calls and participants.
calls:writeCreate/Update/Delete calls and participants.
cospaces:readRead meeting rooms.
cospaces:writeCreate/Update/Delete meeting rooms.
meetings:readRead scheduled meetings. 1
meetings:writeCreate/Update/Delete scheduled meetings. 1
messages:readRead invitation messages. 2
messages:writeCreate/Update/Delete invitation messages. 2
monitoring:core:readRead core monitoring.
monitoring:core:writeWrite core monitoring.
organization:readRead Org. unit. 2
organization:writeCreate/update Org. unit. 2
users:readRead users.
  1. These permissions require the corresponding permissions in Mividas Rooms, so that will be automatically checked upon saving. When removing the permission, it must be removed in both places.
  2. Since these permissions also require that you are an administrator, and when you have administrator rights they are automatically shown, this only affects API usage.

Detailed API rights – Rooms

A :write right automatically gives the corresponding :read right.

PermissionGrants
addressbooks:readRead address books.
addressbooks:writeCreate/Update/Delete Address Books.
endpoints:readRead endpoints.
endpoints:writeCreate/Update/Delete endpoints and provisioning settings.
firmwares:readRead firmware.
firmwares:writeCreate/Update/Delete firmware.
macros:readRead macros and room controls.
macros:writeCreate/Update/Delete Macros and Room Controls.
meetings:readRead scheduled meetings. 1
meetings:writeCreate/Update/Delete scheduled meetings. 1
monitoring:rooms:readRead room monitoring.
monitoring:rooms:writeWrite room monitoring.
organization:readRead Org. unit. 2
organization:writeCreate/update Org. unit. 2
sensors:readRead sensor data.
  1. These permissions require the corresponding permissions in Mividas Core, so that will be automatically checked upon saving. When removing the permission, it must be removed in both places.
  2. Since these permissions also require that you are an administrator, and when you have administrator rights they are automatically shown, this only affects API usage.

Detailed API rights – Other

A :write right automatically gives the corresponding :read right.

PermissionGrants
statistics:calls:exportExport call statistics.
statistics:calls:readReading call statistics.
statistics:sensors:exportExport sensor data.

Using the Booking API

Primarily used by integrations.

PermissionGrants
book_api:cospaces_changeAllow users to change meeting rooms, using the API.
book_api:cospaces_createAllow creation of meeting rooms, using the API.
book_api:writeSchedule a meeting via the booking API.

Group mappings

Here you can map external identity-provider groups (SAML/LDAP) so that a user automatically receives the correct permissions upon logging in.

OptionDescription
Mapping typeLDAP or SAML.
ValueAdd the mapping value, e.g. CN=admin-users,OU=Groups,DC=example,DC=com.
Clear missingWhen enabled, this group is automatically removed from a user at login if their SAML/LDAP login no longer includes the matching value. Checked by default.
DeleteClick to delete the group mapping.
Add another Group mappingAdd another group mapping.
On This Page
    © Mividas Video Solutions AB 2026