Roles and Permissions

User permissions in Workstation derive from roles configured in the User Management application.

Roles

A role contains permissions that control the features, components, and administrative settings a user can access. For more information, see the detailed list of permissions in the User Management User Guide.

Recommended Minimal Permissions

For most users, the following permissions are recommended to support basic Workstation functionality.

 View & Edit

Workstation

→

Views

 View

User Management

→

Users

Groups

Users can belong to multiple groups. Groups share the same permission structure as roles, but allow flexible combinations for access control.

When role and group permissions do not match, the highest permission level is honored. For example, if a user has "view" permissions, but is placed in a group with "edit" permissions, then the user will have "edit" permissions as long as they remain in the group.

tip

Groups can be used to grant one-off permissions without creating additional roles.

For example, if you have a standard Threat Analyst role, but want to give a specific analyst extra permissions, you can create a group with only those permissions, and assign the specific user to that group.