Permission reference
This table lists the permissions on the server that you can assign to roles.
The following table lists the product areas with their available permissions. Because of the large number of edit sub-permissions, they are provided in a separate column.
Product area | Available permissions | Subpermissions |
---|---|---|
Agent |
|
Edit
|
Agent Configuration Template |
|
Edit
|
Agent pool |
|
Edit
|
Agent relay |
|
Edit
|
Application |
|
Create
|
Application template |
|
Edit
|
Cloud connection |
|
Edit
|
Component |
|
Create
|
Component template |
|
Edit
|
Environment |
|
Create
|
Environment template |
|
Edit
|
External Approval |
|
Edit
|
Post Processing Script |
|
Edit
|
Process |
|
Edit
|
Resource |
|
Edit
|
Resource template |
|
Edit
|
The page of permissions also includes Server Configuration and Web UI sections. These permissions affect how users can modify security settings on the server and which pages in the server user interface they can see.
Permission | Description |
---|---|
Add Team Members | Add users to roles that have the same or fewer permissions than those of the granting user. |
Edit Basic System Settings | Enables users to edit the options on the System Settings page. See, Server settings. This activity is written to the audit log. |
Edit Network Settings | Grants users the permission to access the Network page and manage servers in a server cluster. |
Manage Audit Log | Grants users the permission to manually cleanup the audit log, and configure automatic cleanup settings. If you have this permission but not the edit basic settings permission, you can edit the audit cleanup settings from the Audit Log page. This activity is written to the audit log. |
Manage Auth Token Restrictions | Create, modify and delete token restrictions. See, Restricting authentication tokens |
Manage Blueprint Designer Integrations | Grants users the permission to view and create Blueprint Designer integrations. These activities are written to the audit log. |
Manage Diagnostics | Enable users to access the diagnostics information including the Rest Call Log, Java Thread dumps, and Metadata indexing. This activity is written to the audit log. |
Manage Logging Settings | Grants users the permission to view the Logging page and edit the log4j configuration. This activity is written to the audit log. |
Manage Maintenance Mode | Allows users to enable maintenance mode. |
Manage Notifications Schemes | Enable users to manage notification schemes used for notification emails. See, Creating Notifications in a Notification Scheme. This activity is written to the audit log. |
Manage Plug-ins | Grants users the permission to install new plug-ins; see Installing plug-ins. Install and delete activities are written to the audit log. |
Manage Resource Roles | Grants users the permission to create and delete resource roles, which are created by some plug-ins. In most cases, you do not need to add or change resource roles because they are used internally. |
Manage Security | Grants users the permission to manage security configuration, including roles, authentication realms, authorization realms, and tokens. Users without this permission cannot access or change the security functions. This activity is written to the audit log. |
Manage Statuses | Grants users the permission to create and edit version, inventory, and snapshot statuses. |
Manage System Properties | Grants users the permission to create and edit system properties. This activity is written to the audit log. |
Manage Tags | Grants users the permission to create and edit tags. Users can apply tags only if they have the Edit Basic System Settings permission enabled. |
Read Artifact Set List | Enables agent relays to use component version replication by status. Assign a user with this permission to an authentication token intended for an agent relay. |
Release Locks | Enables users to manually release any locks currently held. See, Managing locks. This action is written to the audit log. |
Run Deployment Triggers | Grants users permission to run the deployment from deployment triggers. The user will need to have the required permissions and roles as if they were executing the deployment manually. |
View Audit Log | Grants users the permission to view the Audit Log page and download log files. This activity is written to the audit log. |
View Basic System Settings | Enables users to view the options on the System Settings page. See, Server settings. |
View Locks | Enables users to view any locks currently held. See, Managing locks. This action is written to the audit log. |
View Network Settings | Grants users the permission to access the Network page. |
View Output Log | Grants users the permission to view the Output Log page and download log files. This activity is written to the audit log. |
Permission | Description |
---|---|
Applications Tab | Access to the Applications tab; see Applications |
Components Tab | Access to the Components tab; see Components |
Configuration Tab | Access to the Configuration tab; see Creating, setting, and editing properties |
Dashboard Tab | Access to the Dashboard tab. |
Deployment Calendar Tab | Access to the Calendar tab; see Scheduling deployments |
Processes Tab | Access to the Processes tab; see Generic processes |
Reports Tab | Access to the Reports tab; see Reporting |
Resources Tab | Access to the Resources tab; see Resources |
Settings Tab | Access to the Settings tab; see Server settings and configuration |
Work Items Tab | Access to the Work Items tab; see Responding to approval requests |