
Organization roles

Users may have different roles across different organizations.

Every user has a default role for the default organization.

These are the organization roles:


View

The View role for organizations (Organization Viewer) has read-only access to the Contrast interface to see scores, libraries, vulnerabilities and comments, but cannot perform edits to traces to the application.



Edit

The Edit role for organizations (Organization Editor) can remediate findings, add tags, manage vulnerabilities, edit attributes, merge applications, add or delete applications, and create servers. The majority of Contrast users have this role.


Rules Admin

The Rules Admin role for organizations (Organization Rules Admin) can edit rules and policies in the application, enable Protect, and manage notifications and scoring for the organization.



Admin

The Admin role for an organization (Organization Administrator) is responsible for the configuration and management of the organization.


You assign organization roles by adding users to an organization access group.

See also

View permissions