Go to Users > Role Management. This is where you create new roles and make changes to the permissions for existing roles. You can also quickly assign roles to users from here.
Don't see this tab? You need to have 1) full permissions and scope, or 2) a role with the "Access Role Management Section" permission enabled.
Click the New Role button. Give the role a name and description, and then select the modules and permissions to be granted to a user when the role is assigned. Keep in mind that a user may be assigned multiple roles with different sets of permissions.
Select the role you want to assign and choose "Add To Users" from the Quick Actions menu. Then tell us which users should be assigned the role and click Save. You can remove roles from users in a similar way - just select the action Remove From Users.
Select any role in the list and choose Edit from the Quick Actions menu.
You can change the role name and description and edit the assigned permissions. Any changes you make to a role will apply to all users assigned that role. Please be sure you understand the impact to all users before making changes.
Warning - Be careful when removing the UI access permission from a role. A user will not be able to log into the UI if they don't have at least one role with the UI access permission assigned.
When you're editing the permissions for a role, you'll notice that you can define modules to be accessible and permissions within the module for the users with the current role. Learn more
The permissions for a module are organized into groups like Access Permissions, WAS Asset Permissions, User Permissions, and so on. These groups of permissions correspond to the applications available in your subscription (WAS, MDS, etc).
Simply click the title of a group to expand or hide its permissions. Then select the permissions you want to assign to the role.
The GLOBAL permission section allows you to give permissions to more than one module simultaneously. The following permissions are assigned from the GLOBAL section:
- Reporting permissions: Allows the user to create, edit, and delete a report.
- Tagging permissions: Allows the user to create, edit, delete user tags, and modify dynamic tag rules.
You can add or remove permissions from multiple roles in a single action. Select the roles you want to change and then select Add Permissions or Remove Permissions from the Quick Actions menu. Then tell us which permissions the action applies to and click Save. For example, you might want to add the user permission "Access Role Management Section" to multiple roles. This permission allows users to access the Role Management tab in the Administration UI.
User permissions by role
User permissions by object
Assigned user roles
User Roles FAQ