User and group management
Every Spectra Assure Portal instance is associated with exactly one organization. An organization will typically have one or more groups.
All user accounts created in an organization are listed on the Members page in the Portal and assigned one of the organization roles (Administrator, Member, Security). There is no limit to the number of users per Portal instance.
Additionally, a user can be added to one or more groups and assigned a group role (Owner, Member, Observer) in each group.
To be able to use the Portal, every user has to belong to an organization. The organization may or may not have a default group. While creating a new user account, the organization administrator should add the user to one or more groups.
User and group management processes described on this page apply to Portal instances that use the local login.
For Portal instances using SSO, most of the user management (like assigning users to SSO groups) is done in the administrator dashboard of your identity provider.
Actions like removing users from an organization are handled directly through the Portal, regardless of the used login method.
Members and groupsโ
The Members page on the Portal shows all users within the organization. On this page, organization administrators can invite new members to the organization, remove current members from the organization, and change the group membership and organization role for every member by selecting Actions > Edit Member.
The Members > Groups page on the Portal shows all groups created in the current organization. On this page, organization administrators can create new groups, edit and remove existing groups, and mark a group as the default.
The primary purpose of groups in the Portal is for organizations to be able to configure monthly limits for different teams according to their needs and use-cases. Groups also make it easier to control which organization members can access which projects in the Portal.
To see how to invite new members, manage users and groups, and add new users to groups, you can check the Members page.
Roles and permissionsโ
Access to different parts and features of the Portal is controlled by various user roles. There are two types of user roles:
- Organization roles - Organization Administrator, Organization Member, Organization Security
- Group roles - Group Owner, Group Member, Group Observer
Users with the "Organization Administrator" role have a higher level of control and can manage settings for the whole organization and all groups within it.
The "Organization Security" role is intended for your company security team as it offers only those permissions needed to effectively manage the security of your organization.
By default, users have the "Organization Member" role. Organization administrators can change the organization role for every user on the Members page.
Each user can have only one organization role, but be a member and/or owner of multiple groups. A group can have multiple users with the "Group Owner" role.
Users with group roles can access the projects owned by their respective groups, but cannot change anything on the organization level. When users are added to a group, the "Group Member" role is automatically assigned to them. Organization administrators can change this at any time.
In addition to the user roles mentioned above, there is also a Group Observer role. Users with this read-only role can explore the Portal without any risk of making unwanted changes.
The following sections provide a detailed overview of permissions for each user role in the Portal.
Access management permissionsโ
| Permission | Organization Administrator | Organization Member | Organization Security | Group Owner | Group Member | Group Observer |
|---|---|---|---|---|---|---|
| Create organization | โ | โ | โ | โ | โ | โ |
| Create group | โ | โ | โ | โ | โ | โ |
| Delete group | โ | โ | โ | โ | โ | โ |
| Add members to organization | โ | โ | โ | โ | โ | โ |
| Remove members from organization | โ | โ | โ | โ | โ | โ |
| Edit other member info | โ | โ | โ | โ | โ | โ |
| Invite members to organization | โ | โ | โ | โ | โ | โ |
| Trigger password reset | โ | โ | โ | โ | โ | โ |
| Add organization members to a group | โ | โ | โ | โ | โ | โ |
| Remove member from a group | โ | โ | โ | โ | โ | โ |
| Modify member group role | โ | โ | โ | โ | โ | โ |
| Modify member organization role | โ | โ | โ | โ | โ | โ |
| Set group as default | โ | โ | โ | โ | โ | โ |
| View group | โ | โ | โ | โ | โ | โ |
| View all groups | โ | โ | โ | โ | โ | โ |
| View all organization members | โ | โ | โ | โ | โ | โ |
| View group members | โ | โ | โ | โ | โ | โ |
File management permissionsโ
File streamโ
| Permission | Organization Administrator | Organization Member | Organization Security | Group Owner | Group Member | Group Observer |
|---|---|---|---|---|---|---|
| Upload file | โ | โ | โ | โ | โ | โ |
| Renalyze file | โ | โ | โ | โ | โ | โ |
| Delete file | โ | โ | โ | โ | โ | โ |
| Edit software info on a file | โ | โ | โ | โ | โ | โ |
| View all filestream files | โ | โ | โ | โ | โ | โ |
| Diff two files | โ | โ | โ | โ | โ | โ |
| Modify file approval status | โ | โ | โ | โ | โ | โ |
| Download approved file | โ | โ | โ | โ | โ | โ |
Data exportโ
| Permission | Organization Administrator | Organization Member | Organization Security | Group Owner | Group Member | Group Observer |
|---|---|---|---|---|---|---|
| Export reports (CycloneDX) from UI | โ | โ | โ | โ | โ | โ |
| Export reports (Sarif) from UI | โ | โ | โ | โ | โ | โ |
| Export reports (SPDX) from UI | โ | โ | โ | โ | โ | โ |
| Export reports (RL-CVE) from UI | โ | โ | โ | โ | โ | โ |
Projectsโ
| Permission | Organization Administrator | Organization Member | Organization Security | Group Owner | Group Member | Group Observer |
|---|---|---|---|---|---|---|
| Create project | โ | โ | โ | โ | โ | โ |
| Delete project | โ | โ | โ | โ | โ | โ |
| Create package | โ | โ | โ | โ | โ | โ |
| Delete package | โ | โ | โ | โ | โ | โ |
| Upload artifact | โ | โ | โ | โ | โ | โ |
| Delete artifact | โ | โ | โ | โ | โ | โ |
| Reanalyze package | โ | โ | โ | โ | โ | โ |
| Reanalyze artifact | โ | โ | โ | โ | โ | โ |
| Edit software info for an artifact | โ | โ | โ | โ | โ | โ |
| Modify artifact approval status | โ | โ | โ | โ | โ | โ |
| Download approved artifact | โ | โ | โ | โ | โ | โ |
| View projects | โ | โ | โ | โ | โ | โ |
| View packages | โ | โ | โ | โ | โ | โ |
| View artifacts | โ | โ | โ | โ | โ | โ |
| Share artifact report | โ | โ | โ | โ | โ | โ |
Portal configuration permissionsโ
| Permission | Organization Administrator | Organization Member | Organization Security | Group Owner | Group Member | Group Observer |
|---|---|---|---|---|---|---|
| Configure organization policy profile | โ | โ | โ | โ | โ | โ |
| View organization policy profile | โ | โ | โ | โ | โ | โ |
| Configure group policy profile | โ | โ | โ | โ | โ | โ |
| View group policy profile | โ | โ | โ | โ | โ | โ |
| Assign monthly processing capacity to organization | โ | โ | โ | โ | โ | โ |
| Assign promotional capacity to organization | โ | โ | โ | โ | โ | โ |
| View organization monthly capacity and usage | โ | โ | โ | โ | โ | โ |
| Add capacity reservation for a group | โ | โ | โ | โ | โ | โ |
| View monthly usage summary per group | โ | โ | โ | โ | โ | โ |
| View monthly usage details per group | โ | โ | โ | โ | โ | โ |
| Setup SSO for organization | โ | โ | โ | โ | โ | โ |