Domains Session Role
For the most part, your role is effectively determined by your interaction with domains, and there are just two roles to apply for, the others are system assigned. In addition to roles, there is a class system.
- ip-anonymousBasically same as ip-identified and 'essential cookies only' in common usage but acknowledges a request to remain anonymous.
- ip-identifiedMonitors unauthenticated access. Human users have a variety of paths below for automated authentication and conventional manual email registration is a (slow) option. Malicious account requests are ignored.
- social-networkedA basic entitlement level associated with registration thru a 3rd party Identity Provider (IdP). Same trust level as the IdP.
- tx-authenticatedA variable privilege default automatically created by a transaction such as an in-app purchase. May be limited to a particular product space or customer service group.
- developerA high privilege level that generally includes repo access.
- operatorA high privilege level that allows control of system software.
The developer, and operator roles are high privilege roles which are currently manually reviewed unless tx-authenticated as well. The other roles are initial defaults set by different automation channels.