Skip to main content

Creating Application Roles

An application role represents a group of application owners who share similar permissions. Similar to the role-based permissions granted to Key Manager administrators, application owners are also granted permissions in a role-based fashion: in each application, permissions are granted per application role, and the application owners belonging to those application roles inherit the permissions for that application.

To define the allowed application roles via the Key Manager GUI:

  1. On the Settings→General page under the Global category, find the setting List of allowed application owner roles.

  2. Specify the allowed application roles as comma-separated names. For example, to specify two application roles, key_approver and ao, specify the following value for the setting:

    key_approver,ao

  3. Click Apply next to the setting to apply your changes. The defined application roles can later be used for associating application permissions to application owners.