Managing Permissions

Privileges and Permissions

Each user's privileges and permissions determine which sections of the console they can access and which types of information they can view, according to their authorization level. The permissions management system is based on the concepts of user roles and access groups.

We recommend that you assign the least permissive role needed for users to complete their tasks.

For example, assign the Customer role to users who only need to view an analysis report for a specific application but not take action, such as applying configurations or editing an assessment.

Revoke or Grant Permissions

To revoke or grant a permission for a specific role in the organization, click the checkbox next to that permission in the permissions list for that role.

Role-Based Access Control

Some administrative permissions cannot be assigned to other user roles. These permissions appear in the permissions list with greyed-out checkboxes.

List of Permissions

  • Configure an app
  • Create / Deactivate groups
  • Deactivate/reactivate users
  • Edit app assessment findings
  • Edit my profile
  • Generate/manage API tokens for my own user
  • Invite users
  • List any user’s API tokens in the org
  • List integrations for the group
  • Manage integrations
  • Manage membership for all groups
  • Manage membership for their own groups
  • Manage permissions
  • Print assessment findings report
  • Revoke any user’s API tokens in the org
  • Run an assessment on an existing app
  • Stop a job that I started
  • Stop a job that any user in the org started
  • Upload an app build
  • View account limits
  • View all apps
  • View all groups in the org
  • View app assessment
  • View app assessment history
  • View my group’s apps
  • View my profile
  • View users in my groups
  • View users in my organization
