Access and permissions

To access Battery Passport in your tenant’s workspace, you need — besides access to the tenant itself — the corresponding roles to work with Battery Passport.

Your tenant manager can grant you access and permissions, also for technical clients (technical users). As a tenant manager, handle user management with the Multitenant Access Control portal.

Available default roles for Battery Passport:

Name Description Role key

Battery Passport Viewer

Required to see the application and its contents in your tenant’s workspace.
With only that role, users can view the Battery Passport module in the workspace.

BATTERY_PASSPORT_VIEWER

Battery Passport Manager

Additionally, with this role, users can view battery passport information from the perspective of the Economic Operator in the workspace and update local approval status.

BATTERY_PASSPORT_MANAGER

Battery Passport Legitimate Interest Viewer

With this role, users can view restricted information in the battery passport from the perspective of Persons of Legitimate Interest and download the battery passport.

BATTERY_PASSPORT_LEGITIMATE_INTEREST_VIEWER

Battery Passport Legitimate Interest Editor

With this role, users can modify specific information in the battery passport (e.g., battery status) from the perspective of Persons of Legitimate Interest.

BATTERY_PASSPORT_LEGITIMATE_INTEREST_EDITOR

As a developer, note that the URN (included in the token) for a role gets constructed as follows:

urn:macma-application-role:<tenant-id>:<client-id>:<role-key>

The placeholders mean:

  • <tenant-id> — Your tenant ID.

  • <client-id> — Part of the credentials for your technical client. The client credentials were created when the corresponding module was created. See also Modules: Grant access for technical clients.

  • <role-key> — Is indicated for each role in the role overview.