Creating and editing roles

This page provides guidance on creating and editing roles to customize user access and control in accordance with your organizationโ€™s requirements.

To create and edit roles, you need to access the โ€œRolesโ€ page within the โ€œUsers and Rolesโ€ tab.

User management tasks, such as adding, editing, deleting and assigning roles to users, can only be performed by roles that have been granted the โ€œCan manage roles and usersโ€ permission. Ensure that the role assigned to your account has this permission in order to access and manage user accounts.

Contents:

  1. Creating a new role
  2. Editing an existing role
  3. Find the role
  4. Defining role permissions

Creating a new role

To create a new role with customized access permissions, follow these steps:

  1. Access the โ€œRolesโ€ page from the โ€œUsers and Rolesโ€ tab.
  2. Look for the โ€+ Roleโ€ and click on it.
  3. Provide a descriptive name for the new role to reflect its purpose or responsibilities.
  4. Define the desired access permissions for the role by selecting the appropriate checkboxes options.
  5. Consider the specific product types or individual product that should be accessible to users assigned to this role.
  6. Save the new role by clicking โ€œCreateโ€ to add it to the list of available roles in the AppSec Portal.

New role creating

Please note that the value of โ€œProduct typeโ€ takes precedence over the value of โ€œProductโ€. If any values are selected for the โ€œHas access to products with typesโ€ section in the role settings, users with that role will see all products with the chosen type, regardless of the values specified in the โ€œHas access to productsโ€ section

{% endhint %}

Editing an existing role

To modify the access permissions or details of an existing role, follow these steps:

  1. Access the โ€œRolesโ€ page from the โ€œUsers and Rolesโ€ tab.
  2. Locate the role you want to edit from the list of available roles.
  3. Select the role to view its details and permissions.
  4. Make the necessary changes to the roleโ€™s name or access permissions by selecting or deselecting options.
  5. Delete the role if necessarily by pressing โ€œDeleteโ€ button.

The role editing

Find the role

To find the specific role youโ€™re interested in, please use the search function.

Defining role permissions

When creating or editing a role, it is important to carefully consider the access permissions required for the role. Each permission determines the level of access and control a user with that role will have within the AppSec Portal. Evaluate the specific functionalities and data that should be accessible to users assigned to the role and select the appropriate permissions accordingly.

Permission levelRule visibilityRule editingAdding/removing affected products from rules
No access (no available product types/products affecting this rule for the role)Rule is hiddenN/AN/A
Partial access (at least one product in this rule is available for the role)Rule is viewableRestrictedAllowed (only products that are specifically assigned to the role)
Full access (all products in a rule are available for the role)Rule is viewableAllowedAllowed
Previous
Managing user roles and access control
Next
User management