The access to the main features of Probely is ruled by permissions. For instance, in order to add a target, the user needs to have the permission Create Target.

You can group permissions using Roles. For instance, the built-in role Developer can view targets, change target settings, change findings, and start scans, but cannot add targets.

You can then map roles to users at an account level or at a target level:

  • Account roles: When you are adding a user, you can set the user's role, which is applied to all targets of the account, i.e., the role is set at an account level or global scope.
  • Target roles: If you want to grant a user access to a single target or group of targets, you can leave the account role empty and assign the role at a target level (under target settings -> access).

You can also combine both levels of roles. You can have a user that has, for instance, the role Developer at an account level and a role Admin on a specific target.

It's also important to know that there is a special permission that behaves differently than others. Imagine that you create a user and set an account-level role that only has one permission - Create Target. When this user logs in on Probely, he/she will not be able to see or access any existing target but can create targets. When the user creates a target, he/she will be the owner of the target. At a target level, the user has the admin role on targets that he/she created.

Add Role screenshot
Add User screenshot

Target Settings screenshot

Did this answer your question?