User Roles & Access
Access to functionality and data in AppControl is divided into 2 parts:
User Roles. User roles grant access to AppControl functionality and the ability to manage system data, but do not (except for the Platform Administrator role) give access to specific apps.
App Roles. Assigning users to apps gives them access to view and manage those apps, based on the user roles that have been assigned to them.
This means that to use AppControl a user needs both a specific user role, and also needs to be assigned to 1 or more apps (otherwise the user will have rights to perform actions and view data, but there will not be any apps visible to view or manage!).
User Roles
There are 5 different user roles in AppControl:
Platform Administrator
Manage system settings, Manage groups, App Access, All Policies, All Pipelines, All Tasks
All apps, policies, releases, tasks, repository information.
Group Administrator
Manage group members, App Access for apps in group, Group Policies, Group Pipelines, App Pipelines (in group), Group Tasks, App Tasks (in group)
In groups where assigned as Group Admin: all apps, policies, releases, tasks, repository information.
App Administrator
App Policies, App Pipelines, App Tasks, App Pipelines
All apps in groups where assigned as Group Member, All apps where assigned as App Member.
App Viewer
View only.
All apps in groups where assigned as Group Member, All apps where assigned as App Member.
No Access
None
None
App Roles
There are 3 different app roles in MxOM:
App Owner
App Info, Approve Releases
Policy, release, task, environment and repository information.
App Administrator
App Policies, App Pipelines, App Tasks, Releases, Approve Releases
Policy, release, revision, environment, configuration, task and repository information.
App Member
None.
Policy, release, environment, task and repository information.
Users can be assigned app roles through the following means:
App Group Membership. If a user is a member of a group they automatically gain the App Member role for all apps that are a member of that group. Group membership is managed by Group Administrators via the Administration > App Groups page. For more information on assigning users to groups see the App Groups page of this documentation.
Access Group Membership. If a user is a member of an access group, they can view all apps that are a member of that group. In addition they may have additional rights depending on whether they have been assigned the App Owner or App Administrator role. Access group membership is managed by Platform Administrators via the Administration > Access Groups page. For more information on assigning users to groups see the Access Groups page of this documentation.
Specific App Access. Is a user is assigned as an App Owner, App Administrator or App Member for a specific app, they will be able to see that app. For more information on assigning a user to a specific app see the Apps page of this documentation.
Last updated