A number of roles are defined in the product that can be assigned to a user or group.
Roles set boundaries on activities that a user or group member can perform.
Roles are assigned to users and groups within the team context. Users or groups are assigned to a
team with a specific role. The role assigned to a user is only for the team that the user is a
member. A user can be a member of multiple teams and have a different role on each.
The interlocking concept of teams, roles, and permissions ensures that users have the appropriate
permissions to perform their work and not affect processes outside of their assigned scope. The
interaction of these three concepts provides the mechanisms to create an infrastructure that is
secure and flexible.
Note: Until new users are assigned to teams, they are automatically assigned to the Default team in
the Viewer and Participant roles. Users in these roles can view objects, such as releases and value
streams, but they cannot create or edit them. Additionally, users in these roles can generate user
access tokens and access API endpoints with GET requests. Administrators grant users elevated
permissions when they assign them to roles such as Lead Developer or Release Manager.
The following tables show the available roles.
Table 1. Viewer permission
Viewer permission |
Description |
Viewer |
View UI objects such as deployment plans and value streams. Create user access token. |
Table 2. Participant permission
Participant permission |
Description |
Tasks |
Create, edit, execute, remove task. |
Viewer |
View pipelines. |
Table 3. Developer permission
Developer permission |
Description |
Manage templates |
Create, edit, and delete templates. |
Pipelines |
Schedule deployment in pipelines. |
Stories |
Create, edit, remove user stories. |
Tasks |
Create, edit, execute, remove task. |
Table 4. Lead developer permissions
Lead developer permission |
Description |
Applications |
Add, edit, and delete pipeline applications. |
Deployment templates |
Create, edit, and remove deployment templates. |
Deployment plans |
Create, modify, delete, and schedule deployment plans. |
Groups |
Create, modify, delete, and remove team groups. |
Pipelines |
Schedule deployment in pipelines. |
Pipeline environment |
Create, edit, and remove pipelines environments. |
Releases |
Create, modify, delete, and archive releases. |
Stories |
Create, modify, delete, and archive user stories. |
Teams |
Create, modify, delete, and archive members. Assign roles to team members. |
Tasks |
Create, modify, execute, and delete tasks. |
Target environment |
Create, modify, and delete target environments. |
Table 5. Release participant permissions
Release participant permissions |
Description |
Stories |
Create, modify, and remove user stories. |
Tasks |
Create, modify, execute, and run tasks. |
Table 6. Release manager permissions
Release manager permissions |
Description |
Calendar |
Modify calendar settings. Schedule releases, and run releases and calendar events using
pre-defined templates. |
Deployment plans |
Create, edit, and remove plans with templates. |
Pipelines |
Schedule deployment in pipelines. |
Releases |
Create, modify, delete, lock, unlock, and archive releases. |
Tasks |
Create, execute, edit, and remove tasks from deployment plans. |
Stories |
Create, modify, and delete user stories. |
Table 7. Lead release manager permissions
Lead release manager permissions |
Description |
Calendar |
Modify calendar settings. Schedule releases, and run releases and calendar events using
pre-defined templates. |
Deployment plans |
Create, edit, and remove plans with or without templates. Approve protected
environments. |
Deployment plan templates |
Create, edit, and remove deployment plan templates. |
Groups |
Create, modify, and remove groups. |
Pipelines |
Schedule deployment in pipelines. |
Releases |
Create, modify, delete, lock, unlock, and archive releases. |
Stories |
Create, modify, and remove user stories. |
Tasks |
Create, execute, edit, and remove tasks from deployment plans. Change task target
environment. |
Teams |
Create, remove, and edit teams. |
Users |
Create, and modify users, and remove users from teams. Assign roles to users. |
Table 8. Reporting administrator permission
Reporting administrator permission |
Description |
Insight data |
View all insight data. |
Table 9. Team administrator permissions
Team administrator permissions |
Description |
Groups |
Create, modify, and remove groups. |
Teams |
Create, edit, and remove teams. |
Users |
Create, and modify users, and remove users from teams. Assign roles to users. |
Table 10. Team administrator permissions
Product administrator permissions |
Description |
Groups |
Create, modify, and remove groups. |
Security |
Modify security settings, manage integrations, manage LDAP and SSO configurations, and define
email servers. |
Teams |
Create, edit, and remove members. |
Users |
Create, and modify users, and remove users from teams. Assign roles to users. |
Table 11. Pipeline executor
Pipeline executor permissions |
Description |
Deployments |
Run. |
Pipelines |
Schedule deployment in pipelines. |
Table 12. Pipeline designer
Pipeline designer permissions |
Description |
Applications |
Add, edit, and delete pipeline applications. |
Application environment |
Create, modify, and delete pipeline environments. |
Deployment plans |
Create, edit, and remove plans with or without templates. Approve protected
environments. |
Deployment plan templates |
Create, edit, and remove deployment plan templates. |
Pipelines |
Schedule deployment in pipelines. |
Releases |
Create, modify, and archive releases. |
Target environments |
Change task target environments. |
Tasks |
Create, execute, edit, and remove tasks from deployment plans. Change task target
environment. |
Table 13. Release executor
Release executor permissions |
Description |
Tasks |
Execute task from deployment plans. |