- Products ProductsLocation Services
Solve complex location problems from geofencing to custom routing
PlatformCloud environments for location-centric solution development, data exchange and visualization
Tracking & PositioningFast and accurate tracking and positioning of people and devices, indoors or outdoors
APIs & SDKsEasy to use, scaleable and flexible tools to get going quickly
Developer EcosystemsAccess Location Services on your favorite developer platform ecosystem
- Documentation DocumentationOverview OverviewServices ServicesApplications ApplicationsDevelopment Enablers Development EnablersContent ContentHERE Studio HERE StudioHERE Workspace HERE WorkspaceHERE Marketplace HERE MarketplacePlatform Foundation and Policy Documents Platform Foundation and Policy Documents
- Pricing
- Resources ResourcesTutorials TutorialsExamples ExamplesBlog & Release Announcements Blog & Release AnnouncementsChangelog ChangelogDeveloper Newsletter Developer NewsletterKnowledge Base Knowledge BaseFeature List Feature ListSupport Plans Support PlansSystem Status System StatusLocation Services Coverage Information Location Services Coverage InformationSample Map Data for Students Sample Map Data for Students
- Help
Entities and Roles
Entities
| Entity | Description | ||
|---|---|---|---|
| Organization | An organization (org) scopes all the users, apps, and resources within the same security namespace. When you log into the HERE platform as a user, you must enter your organization ID. | ||
| Project | A project is an access-controlled collection of resources (catalogs, pipelines, schemas, and services). Any user can create new projects. Both org admins and project admins can manage projects. The HERE platform credit usage report can be filtered by usage of all of the resources in a project, automatically retrieved by project ID. For more information, see Manage projects. | ||
| Group | A group is a collection of users and apps. Any user can create new groups. Both org admins and group admins can manage group memberships. For more information, see Manage groups. | ||
| Identity | An identity is a user or an app. Org admins and org inviters can invite new users to their org. For more information about users, see Invite users and Manage users. Users can create apps, and apps that have been explicitly enabled to do so can also create apps. For more information about apps, see Manage apps. |
Entity-related limits
| Constraint | Limit |
|---|---|
| Maximum number of groups an identity can be a part of | 50 |
| Maximum number of permissions for users, apps, groups | 10000 |
| Maximum number of apps that a user can have access to | 100 |
| Maximum number of apps that an organization can have | 5000 |
Roles and permissions
The platform enables secure team collaboration using HERE account authentication and authorizes access based on the following roles and permissions.
| Role | Permissions/description |
|---|---|
| User | Granted basic access to platform functionality for users and applications. |
| Org admin | Extends the user role with permissions to invite new users, manage users, and manage groups. If the Manage all apps and resources toggle on the user profile page in the Access Manager is turned on, the admin can also manage apps and resources, including sharing and deleting them. There can be multiple admins within an organization, and each organization must have at least one admin. We recommend that you limit the number of org admins and instead encourage user management with groups by group admins. |
| Group admin | Extends the user role with permission to manage groups for which the group admin is the designated administrator |
| Project admin | Extends the user rule with permission to manage projects for which the project admin is the designated administrator |
| Org inviter | Extends the user role with permission to invite new users |
| Monitoring dashboards editor | Extends the user role with permissions to edit monitoring dashboards, edit notification channels, edit alerts, and see alert events in dashboards |
| Trusted org manager | Extends the user role with permissions to establish trust with another org for the purpose of sharing resources. |
| Member | A user or app who is a member of a group. Also a user, app or group who is a member of a project. The member's permissions to resources is based on the group or project's access to resources. |
