Skip to main content

Customer Portal with IAM

The Customer Portal is powered by IAM configuration. Share specific resources with customer users and control what they can see and do using roles and policies.

Example policy: Track access and ordering

1

Grant admin access to tracks A and B

Attach this policy to Track A and Track B to allow customer admins to view, load, empty, rebill, and order equipment. Viewers can only view and print paperwork.
{
  "bindings": [
    { "role": "roles/inventory.equipmentCustomerAdmin", "members": ["group:cedxcustomeradmin"] },
    { "role": "roles/inventory.equipmentViewer", "members": ["group:cedxcustomeruser"] }
  ]
}
2

Grant ordering to group C

{
  "bindings": [{ "role": "roles/inventory.equipmentOrderer", "members": ["group:cedxcustomeradmin"] }]
}

Roles and permissions

  • roles/inventory.equipmentCustomerAdmin: list, get, load, empty, rebill, order, grouping list/get
  • roles/inventory.equipmentViewer: list, get, grouping list/get
  • roles/inventory.equipmentOrderer: list, get, order, grouping list/get

UX patterns

  • Hide and block access to pages when minimum required permissions are missing
  • Conditionally render buttons and controls based on permissions
  • Backend filters data per IAM; UI should gracefully handle hidden details