Creating a user role
Create user roles to manage the functions that a user can access in IBM QRadar. By default, your system provides a default administrative user role, which provides access to all areas of QRadar.
About this task
Users who are assigned an administrative user role cannot edit their own account. This restriction applies to the default Admin user role. Another administrative user must make any account changes.
- Application-specific user roles management
-
Starting with QRadar 7.6.0, applications can define custom role capabilities in the manifest files to enable fine-grained access control. Before QRadar 7.6.0, users might grant permissions only at the application level, which resulted in access to all application features.
Application-specific role capabilities address this limitation by extending the traditional Role Based Access Control (RBAC) model. With this feature, applications display custom capabilities that allow administrators to grant access to specific application functions rather than entire application.
These custom capabilities integrate seamlessly with QRadar existing role management system. Administrators can assign application-specific role capabilities to user roles through the Admin Console (), enabling selective access control based on organizational requirements.
Note: Application-specific role capabilities (custom) are displayed under their respective applications in the role management interface, making it simple to identify and assign capabilities for a particular application.For more information on application-specific role capabilities and technical details, see Application-specific role-based access control.