Roles & Permissions
Roles & Permissions
Section titled “Roles & Permissions”The Crinsutrack Cloud API uses Role-Based Access Control (RBAC) to manage permissions. As a B2B integrator, you have specific permissions that allow you to request operations while ensuring proper oversight by Crinsutrack web app users.
B2B Integration Permissions
Section titled “B2B Integration Permissions”B2B integrations can:
- Create and view subjects - Register individuals for sample storage
- Create procedure requests - Request storage and retrieval operations
- View data - Access sample containers, storage inventory, procedures, and request status
B2B integrations cannot:
- Accept or reject procedure requests (web app users only)
- Create procedures directly (web app users only)
- Start or complete procedures (devices only)
Web App
Section titled “Web App”The Crinsutrack web application is the system frontend. Web app users are assigned roles by their organization’s administrator. Available roles and their permissions are configured within the application.
Permission Errors
Section titled “Permission Errors”When an operation is not permitted for the current role:
{ "error": { "code": "FORBIDDEN", "message": "Insufficient permissions to perform this operation" }}