Define and assign roles

Assign users the appropriate level of access to IBM Digital Asset Haven features by defining reusable roles. Clearly defined roles help secure your organization and enforce the principle of least privilege

A role is an allowlist of permissions that determines which actions a user is allowed to perform.
Create a new role
  1. Navigate to Settings > Permissions
  2. Click Create role
You are ready to define a new role with a custom set of permissions.
Define authorized permissions
  1. Enter a name for the role. Example: Approver, a role intended for users who validate and approve transactions.
  2. Select the required permissions for the role.
    Note: Some permissions may not be directly related to transaction approval but are required to access and operate the dashboard.
  3. Create the role and sign the operation using your passkey.
The role is successfully created and is available for assignment to users, including employees and service accounts.
Assign the role to users
  1. Navigate to Organization > Users
  2. Select the user to whom you want to assign the role.
  3. Click Add role and select the newly created role.
  4. Confirm the assignment and sign the operation using your passkey.

The user is now authorized to perform the actions permitted by the assigned role, such as approving transactions.