Detailed Permissions

The following tables describe the permissions available to apply to both roles and groups.

Authoring

Permission	Read/Write	Control
Deployments	Read	Read deployment-related statuses and data.
Deployments	Write	Write deployment-related data, including the ability to deploy and terminate deployments.
Models	Read	Read authoring data models (projects, event patterns, event types, etc.).
Models	Write	Write authoring data models (projects, event patterns, event types, etc.).
Schema Discovery	Read	Use Schema Discovery to search topics and view schemas.

Data Management

Permission	Read/Write	Control
Connectors	Read	User is able to view connector configurations and status.
Connectors	Write	User is able to create, run, and stop connectors.
Upload Files	Read	User is able to see file upload status and records in the Activity Monitor page of the Data Importer.
Upload Files	Write	User is able to upload files via Data Importer.

Workstation

Permission	Read/Write	Control
Collections Export	Read	User can export CSV data and reports from a collection.
Data Delete	Write	User is able to perform administrative deletion of Workstation data.
Custom Field Templates	Write	User is able to view and edit Custom Field Templates in Workstation Designer.
Export Builder	Write	User can access/update the export builder tool to create, manage, or delete limited custom mappings from a collection into CSV format.
Ingest	Write	User can see and interact with the Admin screen and the “Ingestion settings” table on the Admin screen. Note: Write permission to "Ingest" is required for any user that wishes to set "Event Decorations" on Designer (which is handled via the "Templates Views" view permission).
Notes Attachments	Read	User can view and download attachments to a collection.
Notes Attachments	Write	User can upload attachments to a collection.
Notification Settings	Write	User can see and interact with the "Notification Settings" table on the Admin screen, but they are required to also be granted access to "Ingest", otherwise they will not see the Admin screen at all.
Report Builder	Write	User can access/update the report builder tool.
Tags	Write	User can see the Designer tab and the "Tags" mode within it. User can created, edit, or delete tags.
Templates Event Details	Write	User can see the Designer tab and the "Event Detail Templates" mode within it. User can create, edit, or delete Event Detail Templates.
Templates View	Read	User can view "View Templates".
Templates View	Write	User can create, update, or delete "View Templates". User can see the "Event Decorations" mode in the Designer tab if they also have "Write" access to "Ingest".
Views	Read	User can click into views but cannot add or delete widgets.
Views	Write	User can create, edit, and delete view. Within a view, they can create, edit, or delete widgets.

Manual Actions

Permission	Read/Write	Control
Manual Actions	Write	If an event has manual actions available, a user can access the manual event interface to perform a specific action on the event.

User Management

Permissions

Permission	Read/Write	Control
Groups	Write	User can view, edit, and delete groups.
Roles	Write	User can view, edit, and delete roles.

Users

Permission	Read/Write	Control
Info	Read	User can see a list of users in the system and their names and emails.
Info	Write	User can change the first and last name of the user.
Role	Read	User can see a list of users in the system and their roles.
Role	Write	User can change or remove a role from a user, except their own.
Groups	Read	User can see a list of users in the system and the groups they belong to.
Groups	Write	User can change or remove groups from another user account, except their own.
Account Delete	Write	User is able to delete other user accounts, except the Super Admin and their own account.

Audit Viewer

Permission	Read/Write	Control
Audit	Read	User can visit the Audit Viewer application, which allows viewing historical actions.