Cloud privé Architecture

Multi-Tenant Architecture and System Roles

Please find a visual overview at the end of this page.

eLabNext has a flexible, multi-tenant architecture to support use by multiple customers (tenants). These tenants can be distinct business divisions, departments, or research groups from within the same organization or across multiple different institutions.

To offer full system control to customers with a Private Cloud or On-Premises installation, 4 system roles can be assigned: System Administrator, Organization Administrator, Group Administrator, and End-User.

The hierarchy of these roles are as such: Both the System Administrator and Organization Administrator are Key-User roles that can perform actions on the system or organization level. Within each organization, groups are configured and managed by a Group Administrator. In these groups, End-Users can document and collaborate on different projects. In addition to these system roles, group members have a user role that defines their individual permissions in each group.

System Roles

System Administrator

In the Private Cloud or On-Premises installation, one person within the customer organization is assigned as the System Administrator. The System Administrator has full access to configure or update technical settings that affect functionality on the system level, such as authentication (AD/LDAP), privacy settings, and system policies. The System Administrator also assigns the Organization Administrator and has access to all organisation-specific functions such as user account management, license reporting, and organization sharing settings.

For an overview of all supported actions of a System Administrator, see the manual.

Organization Administrator

The Organization Administrator role is assigned by the System Administrator and is typically the Key-User that performs functional system management on the organization level. The Organization Administrator has access to user account management, license reporting, data recovery, and organization sharing but is restricted to only performing these actions within the context of their own organization. For customers with a Private Cloud that is used by multiple organizations, the Organization Administrator role can be assigned to a user in each organization.

For an overview of all supported actions of an Organisation Administrator, see the manual.

Group Administrator

Within each organization, groups can be defined based on which end-users have clearance to access and share certain data sets. Depending on how groups of end-users should be able to access and share data, groups can be set up. In each group, a Group Administrator is assigned to implement a group-specific configuration of the project, studies, experiment, storage units, equipment, sample types, and protocols. In addition, the Group Administrator can add or remove end-users in the group and assign user roles and permissions to each user in the group.

For an overview of all supported actions of a Group Administrator, see the manual.

End-User

The end-users in the system can be members of one or more groups within the system. In each group, a user has permissions based on their assigned user role for that group. A user can have a unique role within each group that provides them with full or limited access to data that belongs to a particular group.

Learn more about setting up roles and permissions.

Download Architecture PDF

Abonnez-vous à notre newsletter

Restez au courant de nos dernières actualités, annonces de produits et articles.

Merci ! Votre candidature a été reçue !
Oups ! Une erreur s'est produite lors de l'envoi du formulaire.