No Result Found

Role-Based Access Control

Learn how you can manage the access roles and permissions for different modules in Test Management.

RBAC is a security mechanism that restricts access based on user roles. It ensures that only authorized individuals have the necessary control and capabilities to perform specific tasks within Test Management. This streamlines workflow and enhances security.

Types of Roles

There are typically two types of roles used in RBAC systems:

  • IAM Roles (Identity and Access Management Roles)
    These roles control ownership and administrative privileges across all BrowserStack products. They determine a user’s ability to grant access to others.

  • Product Roles
    These roles are specific to a particular product or service and control a user’s access to features and functionalities within that product.

IAM Roles

  • Owner
    The owner role has complete control over organization settings, member management, and product access. Only one owner is permitted.

  • Admin
    The admin role possesses extensive administrative capabilities, including managing users and granting product access, but it lacks ownership privileges.

  • User
    The user role can use the product for which access has been granted without additional rights, such as extensive administrative capabilities or control. The owner or admin can assign any product role in Test Management to the user role.

Learn about IAM roles in this guide.

Product Roles

The product role controls access to specific functions in Test Management. Following are the product roles in Test Management:

  • Viewer
  • Tester
  • Product User
  • Product Admin

The table below outlines the RBAC system applicable to Test Management at the product level and the specific areas where each role can create, edit, and delete projects and test cases.

Product role Create Project Create/Edit Test Cases Delete Test Cases
Viewer No No No
Tester Yes Yes No
Product User Yes Yes Yes
Product Admin Yes Yes Yes
  • To edit or delete projects, you must have one of the following roles: IAM-level admin, IAM-level owner, Product Admin, or you must be the creator of the project.
  • Copy/Move test cases actions follow the same permissions as Create/Edit Test Cases.
  • Archieve/Retrieve test cases actions follow the same permissions as Delete Test Cases.
  • Users with Viewer permissions can comment on test cases.

The following table outlines how RBAC permissions apply to public URls.

Feature Restrictions
Data access control Anyone with the public URL can view the associated data, even without a Test Management account.
Create public URL Any user role, except Viewer, can create share via public URLs.
Delete public URL To delete a public URL, switch the Enable public link toggle to off. Re-enabling the toggle generates a new, unique, sharable URL.

Assign product role

Invite users

To collaborate effectively on BrowserStack, you can invite users to your workspace. Inviting users allows you to grant specific access and permissions they need to work on your projects.

To invite users, follow these steps:

  1. Access User Management of your BrowserStack account.
  2. In the INVITATIONS section, enter the email addresses of the users you wish to invite. If you have a list, upload it as a .csv file.
  3. Assign the appropriate IAM role to define their permissions.

  4. For each user, select the desired BrowserStack products they can access using the Product Access dropdown.

    Tester based access

  5. Click Send invite to dispatch email invitations or Copy link to obtain a shareable invite link.

Now, you can add new users to your BrowserStack workspace, granting them the required access and permissions.

Modify Product role of a user

You can modify product roles based on the access required by the user.

  1. Access the USERS section in User Management settings.
  2. Locate the user whose product role you want to change.
  3. Click the kebab menu (three vertical dots) beside their current Product Accesses setting. Select the user
  4. In the modify access window, select Test Management and use the Product Role dropdown menu to assign the desired role for that product.

Select the user

By customizing product roles, you ensure that each user has precisely the level of access they need within your BrowserStack workspace.

Default roles

When you invite new users to your BrowserStack workspace without assigning product roles, the roles are automatically determined to streamline setup:

  • IAM Admins and Owners are granted the Product Admin role for each BrowserStack product, which gives them full control.
  • Other invited users receive the Product User role by default.

Request Access

If you find you need more permissions (such as creating or editing projects and test cases), follow these steps:

  1. Locate the Request Access button. You will likely find this prominently displayed if you have limited permissions.
  2. Click Request Access. A sample Test Cases screen showcasing the Request Access button to the Folders and Test Cases areas

This sends a notification to an Admin or Owner within your BrowserStack workspace.

Manage user access permissions for custom fields

Accidentally deleting or unlinking a project can lead to permanent data loss. To prevent this, Test Management offers granular permissions for managing custom fields based on user roles. These permissions control the configuration of custom fields and do not affect how users generally use these fields.

Permissions Overview

Permissions are assigned based on the user’s product role. The following information summarizes the permissions for each role:

View

Allows you to see system and custom fields along with their values but cannot make any changes.

Create

Enables you to create new custom fields and their values. This permission is necessary for adding fields during quick import or CSV import.

Edit

Allows you to update existing custom fields and values, manage data sets, and link or unlink projects. Editing is limited to custom fields and you cannot edit system fields.

Delete

Permits you to delete custom fields and their values, including entire data sets. You cannot delete system fields.

The following table summarizes the permissions for each role:

Product Role Create/Edit Delete View
Product Admin Yes Yes Yes
Product User No No No
Tester No No No
Viewer No No No
  • During Import: You can create new fields during quick import or CSV import only if you have the ‘Create’ permission.
  • System Fields: Cannot be deleted or edited by any user.

By assigning appropriate permissions based on user roles, you can safeguard your projects from accidental changes or deletions. Only Product Admins can modify custom field configurations, ensuring the integrity of your data.

We're sorry to hear that. Please share your feedback so we can do better

Contact our Support team for immediate help while we work on improving our docs.

We're continuously improving our docs. We'd love to know what you liked





Thank you for your valuable feedback

  • ON THIS PAGE

    Is this page helping you?

    Yes
    No

    We're sorry to hear that. Please share your feedback so we can do better

    Contact our Support team for immediate help while we work on improving our docs.

    We're continuously improving our docs. We'd love to know what you liked





    Thank you for your valuable feedback!

    Talk to an Expert
    Download Copy Check Circle