Skip to content
English
  • There are no suggestions because the search field is empty.

What Role-Based Permissions Can be Configured?

A complete list of resources and their associated permissions for the roles feature.

Version Number: v1.0.0

Published Date: 08 Dec 2025

Resource: Asset

Resource name: View

  • Retest Asset
    Retesting is controlled by the manage_assessments permission, not Asset View.
  • Scan Freeze Windows
    This permission was originally called Pause Windows.
  • View API Descriptors
    Included with Asset View permission.
  • Download API Descriptors
    Included with Asset View permission.
  • Download API Descriptor Status
    Included with Asset View permission.
  • Create API Descriptors / Create from URL
    Included under Asset View permission.
  • Validate Users permitted to access API Descriptor files
    Grants the “View API Descriptor” permission.
  • View Assessments
    You can view assessments for assets you have view permissions on.
  • View Location Specifiers
    You can view location specifiers for assets but cannot edit or delete them.
  • Check Existence of Location Specifiers
    Allows use of the check_existence endpoint.
  • View Schedules on Asset
    You can see schedules for assets you have view permission on.
  • View Annotations
    You can see annotations for assets you have view permission on.
  • Create/Update/Delete Annotations
    Allowed under view permission; you can only edit or delete your own notes.
  • View Tags
    Included with Asset View permission.

Resource name: Create

  • View Available Licenses
    Requires “View License” permission.
  • Assign License
    Requires “Edit License” permission.
  • Unassign License
    Requires “Edit License” permission.

Resource name: Edit

  • Initiate Scanning
    Allows marking an asset as “ready for scanning.” Further actions require manage_assessments.
  • Assign/Unassign Licenses
    Requires View Asset and Edit License permissions.
  • Update/Delete API Descriptors
    Allowed under Edit Asset permission.
  • Manage Location Specifiers
    Requires Edit Asset permission; cannot manage without it.
  • Create/Delete Tags
    Requires Edit Asset permission.

Resource name: Edit Credentials

  • Create/Update/Delete Asset Credentials
    Allows a user to create/delete credentials for in-scope assets.

Resource name: Manage Assessments

  • Start/Pause/Resume Assessment
    Allows a user to start/pause/resume assessments 

Resource name: Manage Pause Schedule

  • View/Create/Edit/Delete Pause Schedules
    Currently unavailable; will be available when the feature is complete.

Resource: Scan Profile

Resource name: View

  • View Scan Profile
    Available only for select users via feature flag.

Resource: Assessment Config

Resource name: View

  • View Assessment Config
    Admin-only feature.

Resource: Definition

Resource name: View

  • View Definitions
    Available for all users.