Permissions
Customize role based access permissions based on your Organization’s needs.
IAM Roles in BrowserStack
In BrowserStack, every user can have 2 levels of roles: an IAM role and a Product role. Each of them come with their own set of permissions and previleges.
-
IAM roles govern administrative access level and dictate what identity and access management privileges a user has within their Organization account on BrowserStack. Learn more about the supported IAM Roles and the associated permissions for each of these roles.
-
Product roles are more diverse and and vary across products. They are distinct, product-specific roles that govern the user’s privileges related to product access and usage. They have no impact on the administrative access of members.
Generally, in the context of BrowserStack, when the term “role” is used, it specifically refers to the IAM role (and not Product role) assigned to the user.
BrowserStack offers two distinct categories of custom permissions. Firstly, there are administrative permissions that can be configured based on a member’s IAM role. And secondly, there are permission sets that can be tailored according to their product roles.
Below is a list of the IAM roles available in an Organization account on BrowserStack and permissions for each type of role:
| IAM Role | Details |
|---|---|
| Owner | An owner of an Organization on BrowserStack, is the member that has purchased the subscription. An owner has all privileges which include buying, upgrading, downgrading and cancelling subscriptions, modifying product access privileges, inviting and removing members from an Organization, and changing member roles. Each Organization can only have one owner. |
| Admin | An admin is a member that has privileges which include modifying product access privileges for other members, inviting and removing members from an Organization and changing member roles. An Organization can have more than one admin. |
| User | A user is a member who can use the products for which access privileges have been granted and can invite other users. A Organization can have multiple users, invited by an admin or the owner. |
Settings you can modify
Owner can customize and modify permissions for certain settings if required:
- Log in to BrowserStack from Owner account.
- Go to Account. Click Settings tab.
- Navigate to Permissions section.
- Click on IAM roles tab.
Below are the details of the settings that can be modified by the Owner as per their organization needs:
User Invitations and Requests
Owner can choose to restrict invitations to specific roles, control who can receive product access requests and who should be notfied when a new user joins their organization account.
Below is the list of the invitation related settings can that be modified by the Owner:
| Settings | Details |
|---|---|
| Invitations | - By default, any member can invite their team members to join Organization account on BrowserStack. - Owner can now restrict User role from inviting other members in the organization: 1. Un-check Allow Users to invite new members option. 2. Click Save. Invite section will no longer be visible (to members with User role) in the Organization page. |
| Restrict Invite from Domains | - By default, member can invite their members from any domain to join Organization account on BrowserStack. - Owner can now restrict domains from which members can join orgnization account: 1. Check Restricted by Domain option. 2. Enter domains to restrict members on. 3. Click Save. Domain restriction enabled with info on what domains are restricted will be visible in the Organization page. |
| Invite Notifications | - By deafult, notification email is sent to the Owner and Admin(s) when a new member joins your BrowserStack account via invite link. - Owner can choose who should receive email notifications when any new user joins their organization. |
| Product Access Requests | - If an existing user does not have access to a product (i.e. Live, App Live, Automate, App Automate or Percy), they can request access via the respective product dashboard. As a result, an access request email is sent to the Owner and Admin(s). - Owner can choose who should receive the product access emails from the users. |
Authentication & Security Settings
By default, only Owner can can configure security settings like Single Sign On, Auto User Provisioning and Manage Data Access for Organization account on BrowserStack.
Below is the list of the security settings can that be modified by the Owner:
| Settings | Details |
|---|---|
| Single sign-on and Auto user provisioning | - By default, Owner can configure Single Sign On and Auto User Provisioning - Owner can allow one of the Group Admin to configure these settings for organization account: 1. Check Allow a Group admin to configure SSO and AUP option. 2. Enter the email address of the admin. 3. Click Save. 
|
| Data Access Management | - By default, Owner can view and configure Manage Data Access settings. - Owner can allow one of the Admin to configure the setting for organization account: 1. Check Allow Group admins to view and manage the data access settings option. 2. Click Save. |
Account Insights and Reports
| Settings | Details |
|---|---|
| Usage Reports | - By default, only Owner can view Usage Reports section inside Test Insights. - Owner can also allow Admin(s) to have access to Usage Reports: 1. Check Allow Group Admins to view Usage reports or Allow Team Admins to view the Usage reports option. 2. Click Save. |
| Audit logs | - By default, only Owner can view and export Audit logs on the Summary page. - Owner can also allow Admin(s) to have access to Audit logs: 1. Check Allow Group Admins to view Audit logs or Allow Team Admins to view Audit logs option. 2. Click Save. |
We're sorry to hear that. Please share your feedback so we can do better
Contact our Support team for immediate help while we work on improving our docs.
We're continuously improving our docs. We'd love to know what you liked
We're sorry to hear that. Please share your feedback so we can do better
Contact our Support team for immediate help while we work on improving our docs.
We're continuously improving our docs. We'd love to know what you liked
Thank you for your valuable feedback!