Roles determine user access to information presented in the Vocera system.

In Vocera Platform, Roles function as the gatekeepers to the information that is stored within and presented in the Web Console.

Users may or may not have permissions to access certain Vocera features in Web Console depending on the roles associated with the group to which they belong.

Vocera roles have one or more policies (aka security policies) defined and applied to them. Security policies grant or deny permissions to access the Vocera features. Users who are members of a specific group are associated with predefined roles as needed to access and manage the Vocera system.
Important: The Vocera Platform user account behavior is dependent on the policies assigned to a role.

To understand how users are associated with groups, roles, and policies see Understanding Groups, Roles, and Policies. Group members assigned to a predefined role have access to information in the system based on the security policies associated with each role. If a user is the member of a group, associating a role with this group will apply the security policy to a user's profile immediately.

In addition to policies, roles may also have a default workflow page associated with them. You can create new roles and apply customized workflow pages for a particular role requirement in your organization. See the Creating a New Workflow for information on workflows.

Vocera system creates the following predefined roles at the time of installation:

You can access these roles in the Vocera Platform Web Console and associate these roles with groups in your system. See Accessing Roles and Associating Roles with Groups for more information.

An administrator role grants users access to the Web Console features. Group members with administrator role manage Vocera features, such as granting the user the ability to view audit logs, manage other users, and manage connected devices.

The Default role is assigned to all users who login to access the Web Console.

LDAP Group List

Some organizations use lightweight directory access protocol (LDAP) or ActiveDirectory server authentication that allows a user to login with the same credentials they use elsewhere in their office. The LDAP authenticated system may provide a predefined list of groups that you can utilize to assign a Vocera role and control information access.

For example, you can create a Clinician role in Vocera and associate it with the ActiveDirectory or LDAP Physicians group.