Roles
In the Sitecore Cloud Portal, you can assign roles to a team member to determine their access to apps and features. There are two types of roles in the portal:
-
Organization role - determines if you can invite others to the organization, assign roles, and perform other admin tasks.
-
App roles - for each app in the organization, these roles determine whether you can access the app and what you can do with it. Each Sitecore product has a unique set of app roles.
People with the Organization Owner or Organization Admin role automatically have the highest role for all apps in the organization.
Organization roles
Your organization role determines your default app access and your ability to manage team members and organization settings.
A team member's organization role is assigned when they are invited to the organization. This role can be changed on their details page if needed.
Team members can't change their own organization role or remove themselves from an organization.
-
Organization Owner - always has the highest role in all apps. Can invite new team members and make them an Organization Owner, Organization Admin, or Organization User and manage the organization's settings. When an organization is created, Sitecore sends an email invitation to the assigned owner.
-
Organization Admin - always has the highest role in all apps. Can invite new team members and make them an Organization Admin or Organization User and also manage the organization's settings.
-
Organization User - only has access to assigned apps. Cannot invite other team members or modify their role and cannot manage the organization's settings.
We strongly recommend that you have more than one Organization Owner, in case one of them leaves the organization unexpectedly or cannot log in to their account. If your Organization Owner plans to leave, they must first assign a new Organization Owner.
Organization role capabilities
The following table shows the capabilities available for each organization role:
|
Capability |
Organization Owner |
Organization Admin |
Organization User |
|---|---|---|---|
|
Access all apps in the organization |
|
|
|
|
Access only apps where they have a specific app role, granted by an Organization Owner or Organization Admin |
|
|
|
|
|
|
| |
|
Change the organization role and app roles of other team members |
|
|
|
|
Change their own organization role or app roles |
|
|
|
|
Add or remove an Organization User |
|
|
|
|
Add or remove an Organization Admin |
|
|
|
|
Add or remove an Organization Owner |
|
|
|
|
Remove themselves from the organization |
|
|
|
|
|
|
| |
|
|
|
| |
|
Access the Sitecore AI Deploy app |
|
|
|
|
Use the Common Audit Log's Webhook REST API |
|
|
|
|
|
|
| |
|
|
|
| |
|
|
|
| |
|
|
|
| |
|
Access all Marketplace apps installed in the organization |
|
|
|
|
Access only those installed Marketplace apps where they have app access granted by an Organization Owner or Organization Admin |
|
|
|
App roles
An app role determines whether an Organization User can access a specific app, and what they can do in that app.
By default, an Organization User does not have access to any apps in the organization and needs to be assigned app roles.
People with an Organization Admin or Organization Owner role automatically have the highest role in all apps. For example, an Organization Admin will always have the Admin role in all SitecoreAI apps.
Each Sitecore product can have different roles, and depending on the app role assigned, a team member might have limited or no access to certain features within an app.
Use the following links to learn more about app roles for specific Sitecore products: