Access to the Transact Control Center (TCC) is limited to the set of users that have been created for your organization. The TCC users for your organization are assigned a set of privileges by a TCC administrator. These privileges determine the set of pages that may be accessed by a user when he/she logs into the TCC and the set of actions that may be performed when leveraging our REST API.
Privileges only affect actions performed within the TCC or via our REST API.
Privileges associated with a service that has not been activated on your customer account will not be displayed. For example, notice that the Token Auth and Rules Engine privileges are not shown in the following illustration. These privileges are unavailable because the Token-Based Authentication and the Rules Engine features have not been activated on that customer account.
Please contact your CDN account manager to request the activation of additional services.
Privileges are organized according to how a user may navigate to the corresponding page. View the children associated with a privilege by clicking on it. A child privilege cannot be granted without its parent privilege. Therefore, granting a child privilege will automatically grant all of its parent privileges. This principle is illustrated in the above illustration. Granting the Compression privilege automatically granted both the CAN and the Cache Settings privileges.
A 
icon indicates that a privilege contains one or more child privileges.
Key information:
-
Parent privileges only control whether the corresponding menu/page will be available.
For example, if the Defend privilege is enabled and all of its sub-privileges are disabled, then access will be allowed to the Defend menu but you will be unable to access Web Application Firewall
- The ability to view or administer a particular feature depends on whether you have purchased it.
- A user's ability to modify his/her own basic profile settings is not controlled by privileges.
Definitions
A description and the scope of each privilege are provided below.
Certain privileges only determine whether a menu item will be enabled. If a user navigates to that menu item, then the first child page, as determined by the order in which the permissions are listed below, for which that user has been granted access will be loaded. If all of the children of that parent privilege have been denied to that user, then the user will receive a message indicating insufficient access.
| Privilege | Secures | Additional Information |
|---|---|---|
|
Dashboard |
Dashboard menu item |
If a user does not have this privilege, then the default start page for that user will be the page associated with the first menu item for which that user has privileges. This is calculated from the left hand side of the page to the right. |
|
CAN |
CAN menu item |
|
|
Commerce Acceleration Network |
Commerce Acceleration Network page |
This privilege does not affect a user's ability to use the URLs that are displayed on this page. |
|
Customer Origin |
|
|
|
Edge CNAMEs |
|
|
|
Token Auth |
This privilege does not control whether a knowledgeable user with the proper resources (i.e., current encryption key and encoder/decoder) can encrypt and/or decrypt token values. |
|
|
Country Filtering |
|
|
|
Cache Settings |
|
|
|
Query-String Caching |
Query-String Caching pageLocation: CAN | Cache Settings | Query-String Caching |
|
|
Query-String Logging |
Query-String Logging pageLocation: CAN | Cache Settings | Query-String Logging |
|
|
Compression |
Compression pageLocation: CAN | Cache Settings | Compression |
|
|
Rules Engine |
|
|
|
Purge/Load |
|
|
|
Defend |
Defend menu item |
|
|
Welcome |
|
|
|
Dashboard |
|
|
|
Profile Manager |
This privilege contains sub-privileges that determine whether a user may create, edit, delete, or view a profile. |
|
|
Instance Manager |
This privilege contains sub-privileges that determine whether a user may create, edit, delete, or view an instance. |
|
|
Storage |
Storage menu item |
|
|
RSYNC |
This privilege also determines whether a user will be able to authenticate to CDN storage via a third-party SFTP or RSYNC tool. |
|
|
Analytics |
Analytics menu item |
|
|
Core Reports |
|
|
|
Traffic Summary |
Traffic Summary pageLocation: Analytics | Core Reports | Traffic Summary |
|
|
Bandwidth |
Bandwidth menu item (side navigation bar)Location: Analytics | Core Reports | Bandwidth |
Each individual Bandwidth report has a dedicated privilege that controls whether a user will be allowed to access the page on which that report resides. These privileges are listed below.
|
|
Data Transferred |
Each individual Data Transferred report has a dedicated privilege that controls whether a user will be allowed to access the page on which that report resides. These privileges are listed below.
|
|
|
Hits |
Hits menu item (side navigation bar)Location: Analytics | Core Reports | Hits |
The CAN privilege controls access to the page on which this report resides. |
|
Cache Statuses |
Cache Statuses menu item (side navigation bar)Location: Analytics | Core Reports | Cache Statuses |
The CAN privilege controls access to the page on which this report resides. |
|
Cache Hit Ratio |
Cache Hit Ratio menu item (side navigation bar)Location: Analytics | Core Reports | Cache Hit Ratio |
The CAN privilege controls access to the page on which this report resides. |
|
Cnames |
Cnames menu item (side navigation bar)Location: Analytics | Core Reports | Cnames |
The CAN privilege controls access to the page on which this report resides. |
|
CDN Storage |
CDN Storage menu item (side navigation bar)Location: Analytics | Core Reports | CDN Storage |
|
|
Usage |
|
|
|
IPv4/IPv6 |
IPv4/IPv6 menu item (side navigation bar)Location: Analytics | Core Reports | IPv4/IPv6 |
|
|
Data Transferred |
IPv4/IPv6 Data Transferred pageLocation: Analytics | Core Reports | IPv4/IPv6 |
|
|
Notes |
|
|
|
Custom Reports |
Custom Reports menu itemLocation: Analytics | Custom Reports |
|
|
Advanced CAN Reports |
Advanced CAN Reports menu itemLocation: Analytics | Advanced CAN Reports |
|
|
CAN Platform |
Each individual Advanced CAN report has a dedicated privilege that controls whether a user will be allowed to access the page on which that report resides. These privileges are listed below.
|
|
|
Notes |
Notes pageLocation: Analytics | Advanced CAN Reports | Notes |
|
|
Real-Time Stats |
Real-Time Stats menu itemLocation: Analytics | Real-Time Stats |
Each individual Real-Time Statistics report has a dedicated privilege that controls whether a user will be allowed to access the page on which that report resides. These privileges are listed below.
|
|
Edge Performance Analytics |
Edge Performance Analytics menu itemLocation: Analytics | Edge Performance Analytics |
|
|
CAN |
CAN pageLocation: Analytics | Edge Performance Analytics | CAN |
Each individual CAN (Edge Performance Analytics) report has a dedicated privilege that controls whether a user will be allowed to access the page on which that report resides. These privileges are listed below.
|
|
Raw Log Settings |
Raw Log Settings menu itemLocation: Analytics | Raw Log Settings |
|
|
Admin |
Admin menu item |
|
|
Users |
In addition to granting access to the Users page, this privilege also allows read-only access to each user's properties. This privilege contains the following sub-privileges:
A user's custom ID may be defined when adding or modifying a user. |
|
|
Company Settings |
|
Edgecast CDN