Access Levels

The IoT platform implements a flexible model of rights delimitation, ensuring data security and efficient resource management. Access levels determine what actions are available to the user and depend on their role in the organization.

Basic access levels

1. IoT platform administrator — full control over the system.

2. Resource provider representatives / Service organizations / Equipment manufacturers — access within their area of ​​responsibility.

3. Branches / Consumers — limited access to data.

A schematic representation of the hierarchy of IoT platform access levels is presented below.

graph LR
    A --> B
    A --> D
    A --> E
    B --> C1
    B --> C2
    C1 --> F1
    C1 --> F2
    C2 --> F3
    C2 --> F4
    D --> F1
    D --> F2
    D --> F3
    subgraph "Level 1"
    A[IoT Platform Administrator]
    end
    subgraph "Level 2"
    B[АResource Provider Administrators]
    D[Service organizations]
    E[Equipment manufacturers]
    end
    subgraph "Level 3"
    C1[Branch 1]
    C2[Branch 2]
    end
    F1[Metering Unit 1]
    F2[Metering Unit 2]
    F3[Metering Unit 3]
    F4[Metering Unit 4]

Access Level 1: IoT platform administrator

Roles:

• Account with full system rights - full editing and management rights.
• Account with full read access - access to view data only.

Main features:

• Create and edit users, metering units, branches.
• Management of communication schedules, locking mechanisms (if supported by the device).
• Access to all modules including:
  • Event Log (action auditing),
  • Equipment monitoring,
  • Configuration Request
  • Sending parameters to instruments (e.g. gas pressure settings).

Additional options (customizable):

• Detach telemetry units (IMEI).
• Sending JSON (sending control commands to the telemetry unit).
• Access to comments.
• SMS message request for telemetry unit identification (if supported by the unit).
• Hardware software update.
• Daily data export.

Access Level 2: Resource Provider / Service Organization / Equipment Manufacturer

Roles:

• Company Administrator - management of metering nodes within the branch.
• Company Manager - read-only access.
• Metrologist - work with data without the right to change the configuration.
• Service Company Administrator
• Read Service Companies
• Manufacturer - analyze instrument performance.

Main features:

• Editing information on linked metering units.
• Generating reports.
• Access to monitoring and directories.

Limitations:

• Unable to create new users.
• Access only to nodes within the assigned branch.

Example:
A branch office metrologist can analyze consumption data, but cannot delete a telemetry unit.

Access Level 3: User

Roles:

• User - access to personal account with data on tied metering units.

Main features:

• View current readings.
• Downloading reports (if the option is enabled).

Limitations:

• Prohibits configuration changes.
• Access only to metering units assigned to the user.

Example:
A warehouse owner monitors daily electricity consumption through his personal account.

Security mechanisms

• Read-only mode — to prevent accidental changes.
• Branch binding — data isolation between departments.
• Action logging — audit all operations (see the “Events log” section).

Configuration tips

1. Minimize rights — provide access only to the necessary functions.
2. Use extra options — connect additional tools for departments (technical support, accounting, metrology).
3. Regularly update roles — delete inactive users and review rights.