Team and roles - RBAC
  • 30 Nov 2021


This topic describes how to invite new users to your team and assign them roles through role-based access control (RBAC).


You can add your team members to Traceable's SaaS platform. When you add a team member to Traceable, you can assign them one or more of the following three roles. Defining the correct role for a user helps enforce separation of duties.

  • Account owner - An account owner is a person who manages the Traceable account, for example, managing users, assigning privileges, licensing, and so on. There can be more than one account owner.
  • Security admin - A security admin is typically a person who configures the security policies, investigates the attack information, monitors security events, and so on.
  • Security analyst - A security analyst is typically a person who looks for security events and threats in the applications. They are typically part of the security operations centre (SOC) team or a product security team and need to be aware of any security events as soon as they occur. A security analyst can, for example, work with events and vulnerabilities, configure notifications, and so on.
  • Developer - A person who wants to view the risks associated with the APIs that they have developed.

The account owner role is the highest in the hierarchy of roles and has complete control over all other users and their actions. The developer role has the least privilege. You can add a user with the same role as yours or a lower privilege role. For example, an account owner can add, edit, or delete another account owner, security admin, and developer. A security admin can add, edit, or delete another security admin or a developer. The developer has read-only privileges. The account owner and security admin can edit all configurations, for example, creating rules, notifications, and so on. For more information, see Roles and privileges.

Navigate to Administration > Team to add a new user to your account. Click Invite User and assign a role to the user.

As an Account Owner or Security Admin, you can also change the roles of existing users. Click the three dots as shown in the screenshot below, and then click Edit.

Roles and privileges

The following table provides high-level information about privileges related to each role.

| Action | Account Owner | Security Analyst | Security Admin | Developer |
|---|---|---|---|---|
| Navigation: API Intelligence Dashboard, Application Flow, API Endpoints, Vulnerabilities, Domains, Services, Backend, Protection Dashboard, Attackers, Events, Action Log, Traces, User Behavior | Yes | Yes | Yes | Yes |
| Onboarding | Yes | No | Yes | No |
| My Preferences | Yes | Yes | Yes | Yes |
| Administration | Yes | No | Yes | No |
| View and modify Administration settings: Team, Data Collection, Notifications, Integrations, Sensitive Data, Operation Mode, Policies, Threat Scoring, License, Access Token | Yes | No | Yes | No |
| Actions: Creating and applying rate limiting rule, Marking parameters as sensitive or not sensitive, Threat actor mitigation, Excluding events from getting reported, Vulnerability status change, Changing the data type of sensitive parameters, Apply or remove tags | Yes | Yes | Yes | No |

Traceable roles remain the same across your different environments.
