DevPortalPagoPA




Table of contents

Manage access to services via groups

What is a group?

A group is a set of delegates of an institution who are grouped together according to a common characteristic. For example, a group of users can represent a specific office or a technological partner that supports the institution.
Consult the Reserved Area Operating Manual for more details about groups.

Why create a group in IO?

As the administrator of an institution, by creating a group of users for the IO product, you can:
  • Associate one or more services with an active group. In this way, the users (operators) of that group can work, via the back-office, only with the services associated with them.
  • Create specific Manage API keys for that group. The users (operators) of the group working via API will not be able to view the general API manage key, rather only the those specific to that group, which allow them to work only with the services “connected” to their group.

What are the consequences of creating a group for IO?

As the administrator user, by using groups you can limit the cone of visibility and operation for the operator users for some IO services.
As an operator user, you can see and manage only the services that were assigned to the groups to which you belong.

What does it mean to suspend a group?

As an institution administrator, in the Reserved Area you can suspend a group, and as a result:
  • Suspend any API Key associated with it, in order to block the operation of the users of this key.
  • Block all the actions on services by operators belonging to that group.

Who can manage the groups?

Groups can be created and managed only by administrator users. Specifically:
What can be doneAdministratorOperator without a groupOperator with a groupOperator with a suspended group
Create a group
Add users to a group
Edit/Suspend/Delete a group
Create and manage group API keys
View all the group API keys
View the API keys of the group to which the user belongs
Manage the Manage API key
View the Manage API key
View and manage all the services
View and manage all the services in the group to which the user belongs

Procedure for configuring a group in IO:

  1. Create a group in the Reserved Area (click here for more details about the functionality).
  2. Access the IO back office
  3. Go to the “Services” section and associate the group that was just created with only the services that you want the users to be able to use.
    1. You can associate the services by clicking “Associate group” to the top right;
    2. You can access the details of each Service and, on the information panel, click the pencil icon next to the group item.
  4. If the users of your institution work via API:
    1. Go to the API key section;
    2. Create a new Group API key for the group that was just created;
    3. Inform the operator users of the group that now have the new API keys that they can use to work with the services and that they can retrieve in the back office.

Haven't completed onboarding yet and need help?

Write an email describing your problem or question to the address areariservata@assistenza.pagopa.it.

Need help with APIs and Integration?

Write an email describing your problem or question to the address:

io-service-management@pagopa.it

Tell us what you think

To report problems or give feedback, leave a comment in the GitHub space of the IO app