Roles & permissions

Overview

Define roles, scopes and field-level permissions that match how your organisation actually works. SSO group mapping, time-bound grants and per-location scopes included.

Why it matters

Healthcare roles are messy — locum doctors, visiting consultants, agency nurses, finance auditors. Generic role models force admins to over-grant. Onzira lets you grant exactly what's needed for exactly as long as it's needed.

Capabilities

Every capability is included in the box — no add-ons, no surprise upgrades.

• Predefined roles + custom roles
• Per-module and per-field rules
• Location and department scopes
• Time-bound access grants
• SSO group mapping (Okta, Azure AD)
• Break-glass access with review
• Delegation for leave coverage
• Per-action approval workflows

How teams use it

A typical day-in-the-life workflow our customers run on this module.

• Define roles centrally; SSO maps them
• New hires inherit role on day one
• Time-bound grants for locums auto-expire
• Quarterly access review with one-click revoke

Integrations

Connect with the tools your clinic already uses.

• Okta, Azure AD, Google Workspace
• SAML 2.0 + OIDC
• SCIM provisioning (Enterprise+)

Security & compliance

Enterprise-grade controls on by default.

• Least-privilege defaults
• Approval workflows for sensitive grants
• Full audit of every permission change

Outcomes

What customers typically see within the first 90 days.

• Least-privilege by default
• Easier audits and reviews
• Clean access for new hires and leavers
• Faster compliance certification