Organiza tus páginas con colecciones
Guarda y categoriza el contenido según tus preferencias.
La API de SAS Portal tiene varios roles, que se definen a continuación, cada uno de los cuales otorga permiso a un usuario para realizar ciertas llamadas a la API. Los roles se asignan a la Cuenta de Google del usuario.
El primer usuario de la organización de un cliente de SAS es el administrador, que se agrega automáticamente durante el proceso de registro. Luego, el administrador puede agregar a otros usuarios y asignarles roles, incluido el rol de administrador.
Funciones de usuario
Existen dos roles que se pueden asignar a los usuarios:
Este rol tiene privilegios administrativos completos para todos los recursos secundarios del recurso principal al que se le otorgó acceso. Configuran la estructura de la organización en el portal de SAS y administran el acceso de los usuarios.
role_cpi
Este rol es para los usuarios que son instaladores profesionales certificados (CPI). Para reclamar este rol, los usuarios deben demostrar que tienen una certificación de CPI activa. Para ello, usa el método ValidateInstaller(). Solo los usuarios con un rol role_cpi validado pueden usar el método
SignDevice()
para enviar los parámetros de instalación de las CBSD que requieren instalación de CPI.
Métodos
En la siguiente tabla, se muestran los roles que pueden usar cada tipo de método:
[null,null,["Última actualización: 2025-07-25 (UTC)"],[[["\u003cp\u003eThe SAS Portal API uses roles to control user permissions, with \u003ccode\u003erole_admin\u003c/code\u003e for administrative tasks and \u003ccode\u003erole_cpi\u003c/code\u003e for Certified Professional Installers.\u003c/p\u003e\n"],["\u003cp\u003eInitially, an Admin user is automatically assigned during sign-up and can manage other users and their roles.\u003c/p\u003e\n"],["\u003cp\u003eCPI users need to validate their certification using the \u003ccode\u003eValidateInstaller()\u003c/code\u003e method to utilize the \u003ccode\u003eSignDevice()\u003c/code\u003e method for CBSD installations.\u003c/p\u003e\n"],["\u003cp\u003eBoth \u003ccode\u003erole_admin\u003c/code\u003e and \u003ccode\u003erole_cpi\u003c/code\u003e have access to a range of methods like \u003ccode\u003eGetCustomer()\u003c/code\u003e, \u003ccode\u003eListDevices()\u003c/code\u003e, and \u003ccode\u003eUpdateDevice()\u003c/code\u003e, while \u003ccode\u003eSignDevice()\u003c/code\u003e is exclusive to validated \u003ccode\u003erole_cpi\u003c/code\u003e users.\u003c/p\u003e\n"],["\u003cp\u003eCurrently, user role assignment is handled by the SAS API Support team, and requests should be sent to \u003ca href=\"mailto:sas-api-support@google.com\"\u003esas-api-support@google.com\u003c/a\u003e.\u003c/p\u003e\n"]]],["The SAS Portal API assigns roles to users' Google Accounts to manage API access. The initial Admin role is established during signup, and admins can manage user roles. Currently, role assignment is handled by the SAS API Support team via request. Two roles exist: `role_admin` with full administrative control and `role_cpi` for Certified Professional Installers who must validate their certification using `ValidateInstaller()` to use `SignDevice()`. Both roles share access to other core methods, such as `GetCustomer()` and `CreateDevice()`.\n"],null,["# Roles and permissions\n\nThe SAS Portal API has several roles, defined below, each of which gives a user permission to\nmake certain API calls. Roles are assigned to the user's Google Account.\n\nThe first user of a SAS customer's organization is the Admin, who's automatically added during\nthe sign-up process. The Admin can then add other users and assign them roles, including the Admin\nrole.\n| **Note:** Currently, user role assignment is done by the SAS API Support team. If you need to assign roles to users, send your requests to [sas-api-support@google.com](mailto:sas-api-support@google.com) and indicate the Google Account and role needed in a CSV file.\n\nUser roles\n----------\n\nThere are two roles that can be assigned to users:\n\n- [`role_admin`](/spectrum-access-system/guides/roles-and-permissions#admin)\n- [`role_cpi`](/spectrum-access-system/guides/roles-and-permissions#cpi)\n\n| **Note:** Each user can be assigned to *one or more* of these roles.\n\n### role_admin\n\nThis role has full administrative privileges for all of the child\n[resources](/spectrum-access-system/guides/resource-management) under the parent resource to which it has\nbeen granted access. They set up the organization's structure within the SAS Portal and manage user\naccess.\n\n### role_cpi\n\nThis role is for users that are Certified Professional Installers (CPIs). To claim this role,\nusers need to prove that they have an active CPI certification. They do so with the\n[`ValidateInstaller()`](/spectrum-access-system/reference/rest/customers.devices/validate)\nmethod. Only users with a validated `role_cpi` role can use the\n[`SignDevice()`](/spectrum-access-system/reference/rest/customers.devices/signDevice)\nmethod to submit the installation parameters of CBSDs that require CPI installation.\n\nMethods\n-------\n\nThe following table shows which roles can use each type of method:\n\n| Methods | Roles |\n|-------------------------------------------------------------------------------------------------|-------------------------|\n| [`GetCustomer()`](/spectrum-access-system/reference/rest/customers/get) | `role_admin` `role_cpi` |\n| [`ListCustomers()`](/spectrum-access-system/reference/rest/customers/list) | `role_admin` `role_cpi` |\n| [`CreateDevice()`](/spectrum-access-system/reference/rest/customers.devices/create) | `role_admin` `role_cpi` |\n| [`GetDevice()`](/spectrum-access-system/reference/rest/customers.devices/get) | `role_admin` `role_cpi` |\n| [`ListDevices()`](/spectrum-access-system/reference/rest/customers.devices/list) | `role_admin` `role_cpi` |\n| [`UpdateDevice()`](/spectrum-access-system/reference/rest/customers.devices/patch) | `role_admin` `role_cpi` |\n| [`CreateSignedDevice()`](/spectrum-access-system/reference/rest/customers.devices/createSigned) | `role_admin` `role_cpi` |\n| [`UpdateSignedDevice()`](/spectrum-access-system/reference/rest/customers.devices/updateSigned) | `role_admin` `role_cpi` |\n| [`GenerateSecret()`](/spectrum-access-system/reference/rest/customers.devices/generateSecret) | `role_admin` `role_cpi` |\n| [`ValidateInstaller()`](/spectrum-access-system/reference/rest/customers.devices/validate) | `role_admin` `role_cpi` |\n| [`SignDevice()`](/spectrum-access-system/reference/rest/customers.devices/signDevice) | `role_cpi` (validated) |"]]
