Hi,
You can alwasys define Permissions, Roles and Users on SLP Online. But the way to add a Permission to a User is to add that Permission to a Role first and then add that Role to the User. Premissions, Roles and Users are in a layered construction which gives the flexibility to user to assign permissions and roles to users.
And you're right that when creating new permissions, one only need to determine the name and the description. System has already defined several permissions (e.g. ProductsWrite, Manage, etc.) and they can't be deleted from the system. You can also assign your users with these pre-set permissions.
After definning new permissions, you can add your permission to a Role in "Roles" tab: just select the role you want to edit and click "Edit Permissions" (You may notice that system pre-set Roles are not editable or able to delete). Then go to "Users" tab and add that particular roles to the user.
If you want to create a user with API access (issue licenses and read license info) only, you need to create a role with at least Permissions of "LicensesIssue", "LicensesRead" and "ProductsRead".
Hope this explains the situation clearly. Any further problems, let us know.
--Peng