Organization roles

Users may have different roles across different organizations.

Every user has a default role for the default organization.

These are the organization roles:

  • An Organization Administrator is responsible for configuration and management of the organization.

  • An Organization RulesAdmin can edit rules and policies in the application, enable Protect, manage notifications and scoring for the organization.

  • An Organization Editor can remediate findings, add tags, manage vulnerabilities, edit attributes, merge applications, add or delete applications, and create servers. The majority of Contrast users have this role.

  • A Organization Viewer has read-only access to the Contrast interface to see scores, libraries, vulnerabilities and comments, but can't perform edits to traces to the application.

  • The No Access role for a particular organization blocks users from that organization.

You assign organization roles by adding users to an organization access group.