| Dev PortalRoles and permissions
Roles in your organization are divided into two levels: organization-level roles and application-level roles. This page describes all the roles, and what each role can do.
Organization-level roles
- Organization Admin: Sets up your organization's Polaris account and manages users and groups within it. Each organization has at least one Organization Admin.
- Organization Application Manager: Has full access to all applications within the organization.
Note: You can assign organization-level roles to users or groups. Most users don't have organization-level permissions, but receive application-level permissions from an Application Admin. No Global Role refers to users who don't have organization-level permissions.
Application-level roles
- Application Admin: The owner of one or more applications.
- Contributor: A user with access to an application who can create and manage projects, run test, and triage issues.
- Member: A user with access to an application who can do everything a contributor can do, except create, update, or delete projects.
- Observer: A user with access to an application who can view projects, test results, and issues, but cannot run tests or triage issues.
Note: After you add a user or group to an application, you can set the user or group's application-level role.
Roles and permissions tables
| Organization-Level Roles | Application-Level Roles | |||||
|---|---|---|---|---|---|---|
| Organization Admin | Organization Application Manager | Application Admin | Application Contributor | Application Member | Application Observer | |
| Entitlements (controlled at the Application level) | ||||||
| View entitlements |  |
|
|
|
|
|
| Allocate entitlements to the application | |
|
|
 |
|
|
| Application | ||||||
| Create applications | |
|
|
|
|
|
| View applications | |
|
|
|
|
|
| Update applications | |
|
|
|
|
|
| Delete applications | |
|
|
|
|
|
| Project | ||||||
| Create projects | |
|
|
|
|
|
| View projects | |
|
|
|
|
|
| Update projects | |
|
|
|
|
|
| Delete projects | |
|
|
|
|
|
| Branch | ||||||
| Create branch | |
|
|
|
|
|
| View branch | |
|
|
|
|
|
| Update branch | |
|
|
|
|
|
| Delete branch | |
|
|
|
|
|
| Assign policies to branch | |
|
|
|
|
|
| Tags | ||||||
| Create tags | |
|
|
|
|
|
| View tags | |
|
|
|
|
|
| Update tags | |
|
|
|
|
|
| User Management | ||||||
| Add users | |
|
|
|
|
|
| Assign users to specific applications | |
|
|
|
|
|
| Reset two-factor authentication for user | |
|
|
|
|
|
| View users assigned to application-level roles | |
|
|
|
|
|
| Assign/unassign other users to application-level roles | |
|
|
|
|
|
| View list of application roles | |
|
|
|
|
|
| Group Management | ||||||
| Create groups | |
|
|
|
|
|
| View a list of all groups | |
|
|
|
|
|
| View groups you belong to | |
|
|
|
|
|
| View a group's members | |
|
|
|
|
|
| View a group's organization-level role | |
|
|
|
|
|
| View a group's application-level role | |
|
|
|
|
|
| Update a group's name | |
|
|
|
|
|
| Update a group's organization-level role | |
|
|
|
|
|
| Update a group's application-level role | |
|
|
|
|
|
| Add or remove group members | |
|
|
|
|
|
| Delete groups | |
|
|
|
|
|
| Scanning/Test Management | ||||||
| Start scan | |
|
|
|
|
|
| View scan | |
|
|
|
|
|
| Pause scan (update) | |
|
|
|
|
|
| Cancel scan (delete) | |
|
|
|
|
|
| Issue Remediation | ||||||
| Update issue (not triaged/to be fixed) | |
|
|
|
|
|
| Delete issue (dismiss) | |
|
|
|
|
|
| View issue history | |
|
|
|
|
|
| Polaris Assist | ||||||
| Enable/disable Polaris Assist | |
|
|
|
|
|
| Use Polaris Assist | |
|
|
|
|
|
| Issue tracking integrations | ||||||
| Create organization-level issue tracking connections | |
|
|
|
|
|
| View organization-level issue tracking connections | |
|
|
|
|
|
| Update organization-level issue tracking connections | |
|
|
|
|
|
| Delete organization-level issue tracking connections | |
|
|
|
|
|
| Create project-level issue tracking connection | |
|
|
|
|
|
| View project-level issue tracking connection | |
|
|
|
|
|
| Update project-level issue tracking connection | |
|
|
|
|
|
| Export issues to Azure DevOps/Jira | |
|
|
|
|
|
| View links to exported issues | |
|
|
|
|
|
| Secure Code Warrior Integration | ||||||
| Enable/disable integration | |
|
|
|
|
|
| Dashboard | ||||||
| View dashboard | |
|
|
|
|
|
| Manage default filters | |
|
|
|
|
|
| Reporting | ||||||
| Create and download report | |
|
|
|
|
|
| Delete report | |
|
|
|
|
|
| Create report configuration | |
|
|
|
|
|
| Update report configuration | |
|
|
|
|
|
| Delete report configuration | |
|
|
|
|
|
| Audit | ||||||
| View audit log | |
|
|
|
|
|
| Download audit log | |
|
|
|
|
|
| Policy | ||||||
| Create policy | |
|
|
|
|
|
| Assign/unassign policy to project | |
|
|
|
|
|
| Update policy | |
|
|
|
|
|
| Delete policy | |
|
|
|
|
|
| View policy applied to project | |
|
|
|
|
|
| Receive policy notifications | |
|
|
|
|
|
| Notifications | ||||||
| Manage global notification settings | |
|
|
|
|
|
| SCM Repository Configuration | ||||||
| Create SCM repository connection | |
|
|
|
|
|
| Bulk onboard applications and projects | |
|
|
|
|
|
| Integrate individual repositories/bulk onboarding projects into application | |
|
|
|
|
|
| View SCM repository connection | |
|
|
|
|
|
| Update SCM repository connection | |
|
|
|
|
|
| Test SCM repository connection | |
|
|
|
|
|
| Cancel bulk onboarding of applications and projects | |
|
|
|
|
|
| Cancel bulk onboarding of projects into applications | |
|
|
|
|
|
| Component | ||||||
| View component | |
|
|
|
|
|
| Update component triage status | |
|
|
|
|
|
| Export SBOM (report) | |
|
|
|
|
|
| License | ||||||
| View license | |
|
|
|
|
|
| Update License (Pick license) | |
|
|
|
|
|