Role-Based Access Control
Learn the different access levels in Percy
RBAC is a security mechanism that restricts access based on user roles. It ensures that only authorized individuals have the necessary control and capabilities to perform specific tasks within Percy. This streamlines workflow and enhances security.
Types of Roles
There are typically two types of roles used in RBAC systems:
-
IAM Roles (Identity and Access Management Roles)
These roles control ownership and administrative privileges across all BrowserStack products. They determine a user’s ability to grant access to others. -
Product Roles
These roles are specific to a particular product or service and control a user’s access to features and functionalities within that product.
Role Based Access Control (RBAC) is available only on paid plans of Percy. All users on a free plan will be assigned a Product admin role by default. Updating the product roles from the IAM module will not reflect on Percy for users on a free plan.
IAM Roles
-
Owner
The owner role has complete control over organization settings, member management, and product access. Only one owner is permitted. -
Admin
The admin role possesses extensive administrative capabilities, including managing users and granting product access, but it lacks ownership privileges. -
User
The user role can use the product for which access has been granted without additional rights, such as extensive administrative capabilities or control. The owner or admin can assign any product role in Percy to the user role.
Learn about IAM roles in this guide.
Product Roles
The product role controls access to specific functions in Percy. Following are the product roles in Percy:
- Viewer
- Tester
- Product User
- Product Admin
The following table summarizes which product roles can access which features on Percy by default:
Feature - Projects
Permission | Viewer | Tester | Product User | Product Admin |
---|---|---|---|---|
View | Yes | Yes | Yes | Yes |
Create | No | Yes | Yes | Yes |
Archive | No | No | No | Yes |
Users with project archive permission also have permission to move the project.
Feature - Projects Settings
Permission | Viewer | Tester | Product User | Product Admin |
---|---|---|---|---|
Allow Public View | No | No | No | Yes |
Token View | No | Yes | Yes | Yes |
Token Refresh | No | No | No | Yes |
Project Screenshots Limit Set | No | No | No | Yes |
Browsers Selection change | No | No | Yes | Yes |
Other Project Settings Change | No | No | Yes | Yes |
Feature - Builds
Permission | Viewer | Tester | Product User | Product Admin |
---|---|---|---|---|
View | Yes | Yes | Yes | Yes |
Create | No | Yes | Yes | Yes |
Approve | No | No | Yes | Yes |
Sync | No | Yes | Yes | Yes |
Sync All | No | No | Yes | Yes |
Merge | No | No | Yes | Yes |
Feature - Snapshots
Permission | Viewer | Tester | Product User | Product Admin |
---|---|---|---|---|
View | Yes | Yes | Yes | Yes |
Approve | No | No | Yes | Yes |
Comment | No | Yes | Yes | Yes |
Sync | No | Yes | Yes | Yes |
Sync All | No | No | Yes | Yes |
Merge | No | No | Yes | Yes |
Feature - Integrations
Permission | Viewer | Tester | Product User | Product Admin |
---|---|---|---|---|
Create | No | No | No | Yes |
Delete | No | No | No | Yes |
Update | No | No | No | Yes |
If you have integration permission for either App Percy or Percy, you can develop integrations for both kinds of projects.
Assign product role
Invite users
To collaborate effectively on BrowserStack, you can invite users to your workspace. Inviting users allows you to grant specific access and permissions they need to work on your projects.
To invite users, follow these steps:
- Access User Management of your BrowserStack account.
- In the INVITATIONS section, enter the email addresses of the users you wish to invite. If you have a list, upload it as a
.csv
file. - Assign the appropriate IAM role to define their permissions.
-
For each user, select the desired BrowserStack products they can access using the Product Access dropdown.
- Click Send invite to dispatch email invitations or Copy link to obtain a shareable invite link.
Now, you can add new users to your BrowserStack workspace, granting them the required access and permissions.
Modify Product role of a user
You can modify product roles based on the access required by the user.
- Access the USERS section in User Management settings.
- Locate the user whose product role you want to change.
- Click the kebab menu (three vertical dots) beside their current Product Accesses setting.
- In the modify access window, select Percy and use the Product Role dropdown menu to assign the desired role for that product.
By customizing product roles, you ensure that each user has precisely the level of access they need within your BrowserStack workspace.
Customize product roles
You can modify the product roles to suit your organization’s needs. You need to be an Enterprise User to access this feature.
How to edit the product roles
Follow these steps to edit a product role in Percy:
- Open the Roles & Permissions page and click the Product Roles tab.
-
Select Percy as the product.
- Select the Product Role you want to modify.
- Click Modify Permissions next to Configured Permissions.
- Select or deselect the permissions according to your requirements.
- Click Save Changes.
Default roles
When you invite new users to your BrowserStack workspace without assigning product roles, the roles are automatically determined to streamline setup:
- IAM Admins and Owners are granted the Product Admin role for each BrowserStack product, which gives them full control.
- Other invited users receive the Product User role by default.
Request Access
If you cannot create a project in Percy, contact your organization’s administrators for access.
We're sorry to hear that. Please share your feedback so we can do better
Contact our Support team for immediate help while we work on improving our docs.
We're continuously improving our docs. We'd love to know what you liked
We're sorry to hear that. Please share your feedback so we can do better
Contact our Support team for immediate help while we work on improving our docs.
We're continuously improving our docs. We'd love to know what you liked
Thank you for your valuable feedback!