User Roles
Learn about the different roles within OpsLevel, including basic role-based access control (RBAC) for creating and editing Service Maturity checks and campaigns.
User Roles in OpsLevel
In OpsLevel, users can be assigned to one of two roles; as an Admin or a User.
Admins have full access throughout the application, while Users are restricted in some of actions they can perform. The role you assign to a user should depend on the types of actions you wish for them to be able to perform in OpsLevel.
Admins have some additional permissions compared to Users. These permissions include:
- User management. Admins have the ability to invite, remove and edit users. They also have the ability to logout other users.
- Account wide settings. Admins can edit account-wide settings such as Tiers and Lifecycles. They can also view the plan and current usage for the organization as well as configure Single Sign-On.
- Check permissions. Admins have full permissions when it comes to making Check or Rubric related changes while Users have read-only permissions. Refer to the Check Related Permissions section for a full breakdown of the difference between the two roles.
- API tokens. Admins can also create tokens with write access for our GraphQL API while Users can only create tokens with read-only permissions.
You can easily figure out which role a user has by going to the Users page. There you can find a list of all the users in your account and their assigned role. As mentioned above, if you are assigned as an Admin you be able to perform specific actions on this page such as inviting new users, modifying the roles of existing users, and removing other users.
Check Related Permissions
As mentioned above, Admins have full write permissions for Check and Rubric related features while Users will only have read-only permissions. This includes restrictions on creating, updating or deleting Checks, Filters, Campaigns, Categories & Levels, and on updating the Rubric. The following tables show the difference in permissions between the two roles for Check related functionality.
Users:
| Create | Read | Update | Delete | |
|---|---|---|---|---|
| Checks | ✓ | |||
| Campaigns | ✓ | |||
| Levels & Categories | ✓ | |||
| Filters | ✓ | |||
| Rubric | N/A | ✓ | N/A |
Admins:
| Create | Read | Update | Delete | |
|---|---|---|---|---|
| Checks | ✓ | ✓ | ✓ | ✓ |
| Campaigns | ✓ | ✓ | ✓ | ✓ |
| Levels & Categories | ✓ | ✓ | ✓ | ✓ |
| Filters | ✓ | ✓ | ✓ | ✓ |
| Rubric | N/A | ✓ | ✓ | N/A |
The read-only permissions also extend to our GraphQL API. The mutations for these Check related objects follow the same permissions for Admin and Users as specified in the above tables.
Updated 7 months ago