Restricting builder access to security settings

Edit online

As an administrator, you can control whether builders in your tenant can modify the embedded security settings to ensure that only authorized personnel manage security configurations. By default, builders have access to configure security in the Embedded Security page.

When you disable builder access, the following restrictions apply to all builders in your tenant:

  • The Embedded Security page displays in read-only mode for builders.

  • Builders cannot toggle the Security switch or modify the public key field.

  • API requests from builders to embedded security endpoints return 403 Forbidden errors.

  • Administrators retain full access to all embedded security settings regardless of the builder access setting.

Procedure

To control builder access, complete the following steps:

  1. Log in to your watsonx Orchestrate instance.

  2. Click your profile icon, and go to the Settings > Embedded Security tab.

  3. Locate the Allow Builders to manage security settings toggle control.

    Note:

    The toggle is visible only to users with administrator role privileges.

  4. Set the Allow Builders to manage security settings toggle based on your requirements:

    • On: Enable Builders to create, view, and modify security settings.

    • Off: Builders can view existing security settings only. All modification capabilities are locked.

  5. Confirm your selection.

Results

The change takes effect immediately for all builders in your tenant. Re-enabling builder access immediately gives full access to create and modify security settings.