Role permissions
User Roles and their permissions
There are four roles in APIsec: Admin, Project Manager, User and Basic. The chart below shows which system activities each of the first three roles can perform (Y = permitted, N = not permitted). The Basic role is not used.
| Functionality | Use Case | User | Project Manager | Admin |
|---|---|---|---|---|
| Login | Login with SSO | Y | Y | Y |
| | Login with a temporary password | Y | Y | Y |
| | Login with password-only | Y | Y | Y |
| | Login with a password and 2FA | Y | Y | Y |
| Recover Credentials | Forgot Password | Y | Y | Y |
| User Onboarding | Add New User | N | N | Y |
| | Add New Users (Bulk) | N | N | Y |
| | Add Guest User | N | N | Y |
| | Remove Guest User | N | N | Y |
| | Reset Password - Local User | N | N | Y |
| | Modify Role - Local User | N | N | Y |
| | Modify Role - Guest User | N | N | Y |
| | Activate - Local User | N | N | Y |
| | Deactivate - Local User | N | N | Y |
| | Activate - Guest User | N | N | Y |
| | Deactivate - Guest User | N | N | Y |
| | Activate 2FA - Local User | N | N | N |
| | Deactivate 2FA - Local User | N | N | N |
| API Onboarding | API Registration via API Gateway | N | Y | Y |
| | API Registration via Spec URL/File | N | Y | Y |
| | Add Environment | N | Y | Y |
| | Clone Environment | N | Y | Y |
| | Update Environment - Base URL | N | Y | Y |
| | Delete Environment | N | Y | Y |
| | Update Environment - Add/Update Authentication | N | Y | Y |
| | Update Environment - Delete Authentication | N | Y | Y |
| | Update Environment - Disable Authentication | | | |
| | View Environment & Authentication | Y | Y | Y |
| | Manage Variables | N | Y | Y |
| | Manage Profiles | N | Y | Y |
| | Schedule Job - Daily / Weekly / Monthly | N | Y | Y |
| API Configurations | Configure Categories - Activate / Deactivate Category - Re-Sync Category - Configure Scenarios / Tests - Update Assertions - Update Severity - Activate / Deactivate Show Responses - Activate / Deactivate Skip Filing Vulnerability | N | Y | Y |
| | Manage Playbooks - Generate Playbooks - Delete Playbooks | N | Y | Y |
| | Manage Payloads - Update Payloads - Lock and Save Payloads - Unlock and Save Payloads | N | Y | Y |
| Project Management | Rename Project | N | Y | Y |
| | Delete Project | N | Y | Y |
| | Add collaborators to a Project | N | Y | Y |
| | Reload Specification | N | Y | Y |
| | View Spec Comparison Report | Y | Y | Y |
| | View Spec Analysis | Y | Y | Y |
| | View Activity Logs | Y | Y | Y |
| Scans | View All Scans | Y | Y | Y |
| | Delete Scan | N | Y | Y |
| | Run an ad-hoc scan | Y | Y | Y |
| | Rescan | Y | Y | Y |
| Reports | Send Summary Report | Y | Y | Y |
| | Send Detail Report | Y | Y | Y |
| | Send Penetration Test Report | Y | Y | Y |
| | Send Developer Report | Y | Y | Y |
| | Send Compliance Report | Y | Y | Y |
| | View Summary Report | Y | Y | Y |
| | Download Summary Report | Y | Y | Y |
| | Download All Vulnerabilities | Y | Y | Y |
| | Download All Endpoints | Y | Y | Y |
| | Download All APIs | Y | Y | Y |
| Integrations | Configure Playbook Backup Integration | N | Y | Y |
| | Configure Issue Tracker Integration | N | Y | Y |
| | Configure Notifications | N | Y | Y |
| | Configure Report Storage | N | Y | Y |
| Global Integrations | Configure Playbook Backup Integration | N | Y | Y |
| | Configure Issue Tracker Integration | N | Y | Y |
| | Configure Notifications | N | Y | Y |
| | Configure Report Storage | N | Y | Y |
| | Configure API Gateway | N | Y | Y |
| | Add / Remove Skip Endpoints | N | Y | Y |
| | Configure Teams | N | Y | Y |
| | Configure API Groups | N | Y | Y |
| | Configure SSO | N | Y | Y |
| | Enforce 2FA | N | Y | Y |
| Scanners | Manage Scanners - Create Scanner - Delete Scanner | N | Y | Y |
| Vault | Manage Secrets | N | N | Y |
| Private Categories | Manage Private Category - Author and Save as Draft - Rebuild and Launch | N | Y | Y |
| Security Center | View Security Center | Y | Y | Y |
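A matrix like this is what an access-control reviewer checks for least-privilege consistency: grants should be monotone along User < Project Manager < Admin, and every use case should be held by some role. The script below is an added example, not APIsec code; it encodes a hand-transcribed subset of the chart (rows chosen from the page, not a complete copy) as constructed data, answers "can this role do this?" with fail-closed lookups, and reports rows that break either property.

```python
"""Audit a role/permission matrix for least-privilege anomalies (added example)."""
from dataclasses import dataclass

ROLES = ("User", "Project Manager", "Admin")  # least to most privileged


@dataclass(frozen=True)
class Row:
    functionality: str
    use_case: str
    grants: tuple  # ("Y"/"N"/"") for User, Project Manager, Admin, in that order


# Constructed subset of the chart above; values transcribed from the page.
MATRIX = [
    Row("Login", "Login with SSO", ("Y", "Y", "Y")),
    Row("User Onboarding", "Add New User", ("N", "N", "Y")),
    Row("User Onboarding", "Activate 2FA - Local User", ("N", "N", "N")),
    Row("API Onboarding", "Add Environment", ("N", "Y", "Y")),
    Row("API Onboarding", "Update Environment - Disable Authentication", ("", "", "")),
    Row("Vault", "Manage Secrets", ("N", "N", "Y")),
    Row("Scans", "Run an ad-hoc scan", ("Y", "Y", "Y")),
]


def is_allowed(role: str, use_case: str, matrix=MATRIX) -> bool:
    """True only when the matrix explicitly grants use_case to role.
    Unknown use cases and blank cells are denied (fail closed)."""
    idx = ROLES.index(role)
    for row in matrix:
        if row.use_case == use_case:
            return row.grants[idx] == "Y"
    return False


def audit(matrix=MATRIX) -> list:
    """Return (use_case, problem) pairs for rows worth a reviewer's attention."""
    findings = []
    for row in matrix:
        g = row.grants
        if "" in g:
            findings.append((row.use_case, "incomplete row: blank permission cell"))
        elif "Y" not in g:
            findings.append((row.use_case, "no role can perform this"))
        # A lower-privileged role holding a grant the next role up lacks
        # inverts the hierarchy and usually signals a data-entry or design error.
        for lower, higher in zip(ROLES, ROLES[1:]):
            if g[ROLES.index(lower)] == "Y" and g[ROLES.index(higher)] == "N":
                findings.append((row.use_case, f"{lower} allowed but {higher} denied"))
    return findings


if __name__ == "__main__":
    for use_case, problem in audit():
        print(f"{use_case}: {problem}")
```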