- 18 Feb 2024
- 1 Minute to read
- DarkLight
Roles and scopes
- Updated on 18 Feb 2024
- 1 Minute to read
- DarkLight
Workspaces with case management enabled have additional roles on top of the default user roles (Viewer, Operator, Creator, Contributor, and Owner):
In these workspaces, the default roles will also have additional scopes related to case management. The additional scopes per role are listed below:
Cases Analyst role
The Cases Analyst role only gives users access to the Cases page and enables them to perform actions on cases but not modify case management configurations.
Permissions | Scope |
---|---|
View the Cases page | cases.page.view |
List and view cases | cm.case.read |
Create and update cases | cm.case.write |
List and view observables | cm.observable.read |
Create and update observables | cm.observable.write |
List and view runbooks | cm.runbook.read |
View activity log data | event.read |
View integration data | integration.read |
View step execution data | step.read |
List existing workflows | playbook.list |
View existing workflows | playbook.get |
Run workflows | playbook.execute |
View list of workspace users | user.read |
Submit Torq interactions | interaction.submit |
Deprecated | incident.write |
Deprecated | incident.read |
Cases Viewer role
The Cases Viewer role only gives users access to the Cases page, allowing them to view cases and observables.
Permissions | Scope |
---|---|
View the Cases page | cases.page.view |
List and view cases | cm.case.read |
List and view observables | cm.observable.read |
List and view runbooks | cm.runbook.read |
View activity log data | event.read |
View integration data | integration.read |
View step execution data | step.read |
List existing workflows | playbook.list |
View existing workflows | playbook.get |
View list of workspace users | user.read |
Submit Torq interactions | interaction.submit |
Deprecated | incident.read |
Owner role
These are the case-management-specific scopes of the Owner role.
Permissions | Scope |
---|---|
View the Cases page | cases.page.view |
List and view cases | cm.case.read |
Create and update cases | cm.case.write |
Modify the structure/lifecycle of cases: add and remove custom fields, associate and disassociate runbooks, and create and delete quick actions. | cm.case.modify |
Make changes to case management configurations | cm.configuration.write |
List and view observables | cm.observable.read |
Create and update observables | cm.observable.write |
List and view runbooks | cm.runbook.read |
Create and update runbooks | cm.runbook.write |
Contributor role
These are the case-management-specific scopes of the Contributor role.
Permissions | Scope |
---|---|
View the Cases page | cases.page.view |
List and view cases | cm.case.read |
Create and update cases | cm.case.write |
List and view observables | cm.observable.read |
Create and update observables | cm.observable.write |
List and view runbooks | cm.runbook.read |
Creator role
These are the case-management-specific scopes of the Creator role.
Permissions | Scope |
---|---|
View the Cases page | cases.page.view |
List and view cases | cm.case.read |
Create and update cases | cm.case.write |
List and view observables | cm.observable.read |
Create and update observables | cm.observable.write |
List and view runbooks | cm.runbook.read |
Operator role
The Operator role doesn't have access to case management.
Viewer role
The Viewer role doesn't have access to case management.