User permissions
The system assigns the sets of user permissions to roles. Each user account must have a role, which defines the level of access that a user has to the features in the system. For example, Administrators can create accounts, but Observers cannot.
The sets of roles and permissions that users with these roles have, are described in the following table.
Roles and permissions matrix
Permission → Role ↓ | Security | Accounts | Overall | Web | Data |
|---|---|---|---|---|---|
Security | • | • | • | • | • |
Administrator |
| • | • | • | • |
Operator |
|
| • | • | • |
Observer |
|
|
| • | • |
Export |
|
|
|
| • |
Consumer |
|
|
| • |
|
You can assign one of the following roles to a user:
- Security — Provides access to sensitive configurations, such as private key management, enabling and disabling the traffic capture, and configuring data confidentiality policies.
- Administrator — Provides access to all functions of the system that are not related to security. This role exists primarily for account management purposes.
- Operator — Provides access to all features that the Administrator role has except for account management. This role exists for device and data management purposes.
- Observer — Provides access to the web interface, but users with this role cannot make any configuration changes other than to save or edit report settings and saved query settings. The permissions of this role are sufficient to perform day-to-day tasks.
- Export — Provides no access to the web interface and is limited to downloading data via data export APIs.
- Consumer — Provides access to only the Web Performance Dashlet.
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*