The internex terminal offers a comprehensive rights structure that allows you to granularly control your employees' permissions. We distinguish between two types of permission structures:
User roles
User types within Clouds
Below you will find an overview of these two permission types.
1 - User roles
The internex Terminal offers three user roles for assigning basic permissions:
Terminal Owner
Terminal Admin
Terminal User
When you create a contact in the internex Terminal and enable login for that contact, you can choose between the "Terminal Admin" and "Terminal User" roles for that user.
The "Terminal Owner" role is the highest permission level in the internex Terminal. It is automatically assigned to the first contact upon account creation and cannot be selected directly in the Terminal.
Only hierarchically subordinate roles can be assigned in the interface:
A Terminal Owner can create users with the roles Terminal Admin or Terminal User.
A Terminal Admin can create users with the role Terminal User.
Therefore, only the roles Terminal Admin and Terminal User are available when creating users in the internex Terminal. The Terminal Owner role cannot be assigned manually.
If another Terminal Owner needs to be added, this can be requested via a form from internex Support. After review, the role will be assigned by our team.
Below is an overview of the default rights of a newly created user:
| Owner | Admin | User |
view your own support tickets¹ | ✅ | ✅ | ✅ |
open new support tickets | ✅ | ✅ | ✅ |
|
|
|
|
can see allocated clouds | ✅ | ✅ | ✅ |
share cloud with other companies | ✅ | ❌ | ❌ |
|
|
|
|
create contact with the role "User" | ✅ | ✅ | ❌ |
create contact with the role "Admin" | ✅ | ❌ | ❌ |
edit existing contacts with the role "User" | ✅ | ✅ | ❌ |
edit existing contacts with the role "Admin" | ✅ | ❌ | ❌ |
activate login for contacts | ✅ | ✅ | ❌ |
¹ To be able to view support tickets from all contacts of an account, the additional right “In addition to his own, he also sees tickets from colleagues from the internex account.” can be granted in the module permissions for “Support”.
2 - User types within Clouds
To optimally organize your products in the internex Terminal, clouds offer a simple way to structure projects clearly and manage them efficiently. A detailed explanation of clouds can be found in our article "What is a Cloud in the internex Terminal?"
To assign specific permissions within clouds, we distinguish between two user types:
Cloud-Admin
Cloud-Member
Each cloud requires at least one Cloud-Admin. Cloud management would be impossible without a Cloud-Admin.
The question of whether an employee should be set up as a Cloud-Member or a Cloud-Admin depends on the required permissions. The differences between these two types are explained below.
A Cloud-Admin can perform the following tasks, which are not available to a regular Cloud-Member:
| Cloud-Admin | Cloud-Member |
delete Cloud | ✅ | ❌ |
rename Cloud | ✅ | ❌ |
|
|
|
move products to another Cloud² | ✅ | ❌ |
|
|
|
edit Cloud details (description, icon) | ✅ | ❌ |
edit permissions of Cloud members | ✅ | ❌ |
edit user types of all members | ✅ | ❌ |
add members to the Cloud | ✅ | ❌ |
remove members from Cloud | ✅ | ❌ |
² This requires the additional right "Can move products between clouds", which can be assigned to the respective user in the Access Control Center under "Module Permissions".
2.1 Additional permissions within a Cloud
In addition to the user types that determine which actions are possible within a cloud, three additional permissions are available that specifically relate to accessing and managing products within the cloud:
Read Permission
Every cloud member has read permission by default. This permission is mandatory and cannot be disabled or removed. If a user should not have read permission, the member must be removed from the cloud.
Write Permission
Write permission allows changes to products, such as restarting, changing DNS settings, or performing backups. Password changes are also considered write operations and require this permission.
Order Permission
Order permission is required to order new products (e.g., domains).
These permissions can be assigned directly when adding a user or adjusted at a later time.