Contents

Although the ApplicationGroup and their content is quite dynamic, we will quickly dive into the most important subpanels.

Accounts

On this page admins can manage User accounts and permission related data.

Access requests

AccessRequest: related to User. Access requests can be requested by a user and must be approved by a handler that has at least the requested permissions to the requested object.

ApplicationToken authorizations

ApplicationToken: an application token can be generated and given appropriate permissions so that application consumers can request information.

ApplicationToken authorization profiles

ApplicationTokenAuthorizationProfile: used to relate an ApplicationToken to an AuthorizationProfile.

Atomic permissions

AtomicPermission: related to User. Atomic permissions can be given to a user to grant them specific access to specific objects.

Blueprint permissions

BlueprintPermission: related to Role. Blueprint permissions pertain to the objects:

  • zaak,

  • document.

They hold policies that specify:

  • CATALOGUS,

  • INFORMATIEOBJECTTYPE/ZAAKTYPE,

  • maximum confidentiality level.

Users

User: users should be automatically generated when they try to login through SSO.

Groups

Group: related to User. Groups can host multiple users and users can be part of multiple groups.

Roles

Role: holds a set of BlueprintPermission.

Tokens

Token: a token generated for a specific User. Should not normally be used, rather use the ApplicationToken.

User authorization profiles

UserAuthorizationProfile: used to relate a User to a specific AuthorizationProfile.

Activities

Activities

Activity: ad-hoc activities can be created in a ZAAK and are tasks that are not part of the business process. Activities can be assigned to User or Group.

Events

Event: a notable log-worthy event pertaining to a specific Activity.

Admin index

Application groups

ApplicationGroup: used to manage the appearance of the admin panel.

Axes

Access attempts

AccessAttempt: manage failed access attempts to the ZAC. Here you can clear the attempts if users are locked out.

Access logs

AccessLog: monitor failed access attempts.

Boards

Boards

Board: manage boards, AKA dashboards. Boards hold BoardColumn s. Board columns hold board items, which currently hold ZAAK or OBJECT URL-references.

Board columns

BoardColumn: manage board columns. Related to Board. A board column holds BoardItem.

Board items

BoardItem: manage board items. Related to BoardColumn.

Camunda

Camunda configuration

CamundaConfig: manage camunda configuration. Here you can configure the required credentials to connect with Camunda.

Camunda tasks

KillableTask: manage which camunda tasks are killable and which aren’t. I.e., can be cancelled by users.

Django auth adfs db

ADFS configuration (legacy)

ADFSConfig: manage the ADFS config. You can switch the ADFS on or off, configure the settings, secrets and username claims.

Elasticsearch configuration

Search reports

SearchReport: manage saved search queries related to elasticsearch. A search report can be used to quickly requery complex searches. These are not results but merely the query.

Notifications

Registed subscriptions

Subscription: manage subscriptions to Open Notificaties channel subscriptions. Used to automatically set the required notifications.

Organisatieonderdelen

OrganisatieOnderdeel: manage “organisatieonderdelen”. Not currently used.

Websites

Websites

Site: manage host site. There should be only one row and its domain should point to public URL of application.

Zaakafhandelcomponent

BRP configuration

BRPConfig: manage which Service points to the BRP.

DoWC configuration

DowcConfig: manage which Service points to the DoWC.

Forms configuration

FormsConfig: manage which Service points to the Open Forms. Not currently used.

Global configuration

CoreConfig: manage the core configuration of the ZAC. In here you configure the primary services, authorization ID of the BPTL and whether or not you allow non-ADFS login. The names of the fields are designed to be self-explanatory.

Kadaster configuration

KadasterConfig: manage which Service points to the Kadaster. Also configures the locatieserver to be used.

Kownsl configuration

KownslConfig: manage which Service points to the Kownsl.

Meta objecttype configuration

MetaObjectTypesConfig: manage the URL-references of meta objecttypes. The fields and the dropdown values are designed to be self self-explanatory. Required for checklist functionality, storing historic ZAAK behandelaren, providing basic information to kick start business processes in camunda and dropdown values for ZAAKEIGENSCHAPpen.

ZGW consumers

NLX configuration

NLXConfig: manage NLX configuration. Not currently used.

Services

Service: manage services. Please refer to config for instructions.

Landing

Landing page configuration

LandingPageConfiguration: manage landing page configuration. This is where you construct the sections, titles, links and images of the landing page.

Mozilla django oidc db

OpenIDConnectConfig: manage OIDC/SSO configuration. Supercedes ADFS configuration.