User Permissions

The following tables provide information on the rights and privileges granted to ShiftLeft users based on their assigned role. The first major section covers organization-related roles, while the second major section covers team-related roles.

For more information about organization- vs. team-related roles, see RBAC.

Organization Roles

Administrative Control and Subscriptions

Owner | Super Admin | Power User | Member | Guest
Change Org Owner
Assign Super Admin Role
Delete an Org
Claim and Use Ocular License
Manage Ocular Licenses
Upgrade ShiftLeft Subscription

Organization Management

Owner | Super Admin | Power User | Member | Guest
Get basic info about the org
Update org info
Get org configuration
Update org configuration
Manage SAML config
Get list of org's integration tokens
Create an integration token
Delete integration tokens

Team and User Management

Owner | Super Admin | Power User | Member | Guest
List org users
List teams in the org
Get info about teams
Create invite to add users to the org
See pending invites
Delete pending invites
Update teams (modify which users and apps are affiliated with a team)
Update users' roles
Delete a team (does not delete the users or apps)
Delete users

App Management

Owner | Super Admin | Power User | Member | Guest
List org apps
Create (add) a new app via the ShiftLeft CLI
Add an app via GitHub integration
Delete an app
Update app configuration (e.g., VCS settings, policies)
Update custom policies

Viewing Scans and Findings Information

Owner | Super Admin | Power User | Member | Guest
Read/write comments on findings
Read results from analysis
Update findings metadata
Submit an app for analysis

Team Roles

Team and User Management

Team Admin | Team Member | Team Guest
List users that belong to the org
List own teams
Get info about own teams
Update team members (cannot add apps to team)

App Management

Team Admin | Team Member | Team Guest
Delete an app
Update app configuration (e.g., VCS settings, policies)
List org apps
Create (add) a new app via the ShiftLeft CLI
Add an app via GitHub integration

Viewing Scans and Findings Information

Team Admin | Team Member | Team Guest
Read results from analysis
Read/write comments on findings
Update findings metadata
Submit an app for analysis