User management

User roles

There are three types of user’s roles in Quobis wac:

  • admin: Used for reporting roles and management. These users will have access to all the content on the system and will not be limited by permissions and/or capabilities

  • user: for standard uses, they are limited by user/domain capabilities.

  • anonymous: intended for external users with a limited scope of time or a single session

Users on the system are organized on Domains. The domains allow to spread capabilities and provide services on a limited way to a selected group of users. Different use cases could take advantage of this concept, like different companies sharing the same instance, or maybe different offices of the same company. Every resource on the system belongs to a domain, so there is a default domain configured on the system. There is a base domain called quobis but extra domains can be created based on your use case requirements.

User IDs

Users have a unique identifier, the UUID, which is tied to the database ID. It can refer to a user, a group or to any other entity that can be referred on the system. This is used to resolve usernames, alias and any other element user-friendly to refer to a functional element.


In addition to the UUID, users are also identified by its username. There is no restrictions on the minimum of maxinum number of characters of a username.

Please note that usernames in the wac-core service are unique per domain, whereas usernames in Keycloak are unique per realm. For the sake of simplicity, we use a single realm in Keycloak which leads to restrict, in practice, to have unique usernames at WAC level.

In addition, we sometimes refer in the documentation to “username” as the combination of username and domain.


In order to route calls, the wac-core and QSS service understand three different types of entities:

  • wac-user:UUID: this entity refers to a user identified by its UUID

  • wac-group:UUID: this entity refers to a user group, identified by its UUID

  • wac-voicemail:UUID: this entity refers to a voicemail system, and the UUID is the UUID of the user in that system

Quobis SDK, Quobis WAC and QSS service use these three identifiers to route calls, notify users, etc… In some cases, users are also identified by its username and domain.