How-to: Managing Workgroups and Roles, and Impact on Permissions
Issue
Is a difference between a Workgroup or a Role, and if so, how would that affect permissions?
For example, let's say the Quality Control (QC) Manager in a DNA sequencing lab enters the final protocol of a QC check workflow and is required to input their credentials to proceed forward. However, after entering their credentials they receive an error claiming the user is not in the required Workgroup, preventing completion of the workflow. Additional examination of their account in the IAM application indicates they do have the necessary QC Manager Role assigned to their account (see screenshot below).
 |
Solution
Yes, Workgroups and Roles are similar, but they are distinct categories used for organizing user permissions in ESP
Roles define “what” a user is able to do in the application
For example, based on the situation presented above, the QC Manager verifying samples is able to proceed forward
Workgroups define “which content” a user is eligible to interact with in the application
In the example above, the Workgroup for DNA Sequencing will need to be created and/or assigned to the QC Manager
If this Workgroup is not already created, follow the steps below:
1 - Users with the correct access rights should navigate to the IAM page and select “Workgroups"
 |
2 - Select “+ New Workgroup”
3 - Enter Name for Workgroup (e.g., "DNA Sequencing")
 |
4 - Select “+ Add Users”
5 - Select users who are part of the DNA Sequencing lab
6 - Click "Save"