Skip to main content

Application roles

Application roles give users permissions and capabilities within a particular application. Application roles are assigned to access groups.

Use these application roles to grant permissions and capabilities within an application:


The View role for applications (Application Viewer) has read-only access to the Contrast interface to see scores, libraries, vulnerabilities and comments, but cannot perform edits to traces to the application.



The Edit role for applications (Application Editor) can remediate findings, add tags, manage vulnerabilities, edit attributes, merge applications, add or delete applications, and create servers. The majority of Contrast users have this role.


Rules Admin

The Rules Admin role for applications (Application Rules Admin) can edit rules and policies in the application, enable Protect, and manage notifications and scoring for the application.



The Admin role for applications (Application Administrator) has no restrictions and can manage other users' access to the application.


The No Access role blocks user access to the application.

You can add application roles when you create or edit an organization access group.

See also

View permissions