A user's permission is determined by their role. There are five pre-defined roles: Administrator, Manager, Application Manager, Tester, and Reporting Viewer that cannot be modified or deleted. An administrator assigns users to asset groups. Administrators have the ability to change the default user role to any role (except Administrator), including a custom role. Users who have the permission to manage and invite other users cannot assign them a role that is higher than their own role. For example, a Manager cannot invite a user and assign them an Administrator role. Additionally, a user cannot invite someone to a role that has privileges that the inviting user does not have.

Note: The Administrator role is assigned to a user when your organization is created at the Cloud Marketplace. The Administrator can perform tasks in any asset group; all other user roles including the Manager can perform tasks in only the asset groups to which they have been assigned. HCL recommends you specify at least one other user as a backup Administrator.
Table 1. Predefined roles capabilities
Capability Administrator Manager Application Manager Tester Report Viewer
Create/modify apps, Assign apps to asset groups, Enable/disable policies in applications
Reset/delete applications
Create/modify webhooks
Asset Group Access
User has access only to selected asset groups (access that is granted from Asset groups management page)
User has access to all asset groups
Create/modify asset groups (name, description, contact and propagate issue status) that this user can access
Delete asset groups that this user can access
Grant/remove access to asset groups that this user can access
Create/edit scan configuration
Run scan/Rescan
Delete scan
Create/edit personal scan configuration
Run personal scan/Rescan
Delete personal scan
Promote personal scan
Create/modify an AppScan Presence
Delete an AppScan Presence
Update issue status
Update issue severity
Create/delete custom policies
Associate/disassociate a policy with an application
View Users & Roles
Invite/delete user
Assign user roles
Create/modify roles
Delete roles
Premium Features
Schedule a call with an AppScan expert (Learn more about AppScan for You)