Authentication & Authorization

Components

Dime.Scheduler gives administrators granular, role-based access control over who can use which features. On top of that, a data-driven mechanism validates each user against the data they are allowed to work with.

Securing the application comes down to two distinct areas: authentication and authorization.

Authentication

Authentication verifies that a user really is who they claim to be. Dime.Scheduler supports two identity providers: Azure and forms login.

Azure is managed by another system, which you will likely use for other applications too. Forms login uses credentials that exist only in Dime.Scheduler. Forms login is the quickest way to get started, since it needs no extra configuration or integration, whereas Azure may need to be set up first.

Authorization

Authorization enforces security clearance: it decides what an authenticated user is allowed to do. This is where roles and user actions come in. Dime.Scheduler groups features together and protects them with user actions. The administrator assigns user actions to roles, and roles to users. On top of that, data-driven security restricts access by assigning filter values, categories and time markers to users, which are then compared against tasks and resources.

As noted earlier, authorization is always granted at the user level. Depending on the setup, different users can see very different projections of Dime.Scheduler. Some user actions are broad, such as "Global Administrator", which unlocks every feature. Others are narrow, such as "Plan Project", which protects the Gantt chart.

info

Role-based access control (user actions and roles) defines what users can do. Data-driven security defines what users get to see.

Two users with the same roles can still see different sets of data in the grids and planning boards. The reverse holds too: users with very different roles can see the same data in the components. What they can do with that data depends on their roles, and therefore on their user actions.
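
The two layers can be modelled as independent checks that must both pass. The sketch below is an added illustration, not Dime.Scheduler's own code: the role names, sample users and tasks, filter values and the matching rule (a task is in scope when it shares at least one filter value with the user, and a user without filter values sees nothing) are assumptions.

```python
from dataclasses import dataclass

# Role -> user actions. "Plan Project" and "Global Administrator" are named on
# the page; the role names are constructed for this example.
ROLE_ACTIONS = {
    "Planner": {"Plan Project"},
    "Admin": {"Global Administrator"},
    "Viewer": set(),
}

@dataclass(frozen=True)
class User:
    name: str
    roles: frozenset
    filter_values: frozenset  # data-driven security assignment (constructed values)

@dataclass(frozen=True)
class Task:
    title: str
    filter_values: frozenset

def can_do(user, action):
    """Role layer: is the action granted through any of the user's roles?"""
    granted = set()
    for role in user.roles:
        granted |= ROLE_ACTIONS.get(role, set())  # unknown role grants nothing
    return "Global Administrator" in granted or action in granted

def in_scope(user, task):
    """Data layer. Assumed rule: the user and the task share a filter value;
    a user with no filter values matches nothing (deny by default)."""
    return bool(user.filter_values & task.filter_values)

def visible_tasks(user, tasks):
    """Titles of the tasks the data layer lets this user see."""
    return [t.title for t in tasks if in_scope(user, t)]

def authorize(user, action, task):
    """Both layers must pass before the action is applied to the record."""
    return can_do(user, action) and in_scope(user, task)

# Constructed sample data.
NORTH = Task("Install boiler", frozenset({"Region:North"}))
SOUTH = Task("Repair pump", frozenset({"Region:South"}))
TASKS = [NORTH, SOUTH]
alice = User("alice", frozenset({"Planner"}), frozenset({"Region:North"}))
bob = User("bob", frozenset({"Planner"}), frozenset({"Region:South"}))
carol = User("carol", frozenset({"Viewer"}), frozenset({"Region:North"}))
```

Here `alice` and `bob` hold the same role but see different tasks, while `carol` sees the same task as `alice` without being able to plan it.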

Read more