App role and permissions

Users granted access to an organization’s VIP Dashboard with an Org guest role can only interact with an organization’s applications for which they also have an assigned App role.

A user with an Org guest role can have one of three App roles assigned to them on a per-application basis (in order of fewest privileges to most): read, write, and admin.

A user with an Org guest role in an organization that has three applications could have an assigned App read role for the first application, an App admin role for the second application, and no assigned App role and therefore no access to the third application.

Assign an App role

The settings panel for assigning an App role to a user is accessed by using the “Invite User” process or the “Edit Permissions” process.

Prerequisites

Only users with an Org admin role can invite, remove, and manage user access levels for other users in the VIP Dashboard.
If an organization currently has no users with the Org admin role, and existing users are unable to view certain features such as the organization’s Usage Plan Details, contact VIP Support for assistance.

When the “Guest” Org role is selected for a user in the “Permissions” panel, an “Applications” field will appear below “Permissions“.

A user’s access level for viewing and interacting with individual applications within the VIP Dashboard is determined by the permission levels set by a user’s App role.

Screenshot of the Applications permissions dropdown

To set a user’s App role for each application:

Select the label “No applications selected >” to view a list of all applications that belong to the organization.
A user’s current App role setting is displayed in the label to the right of each listed application.
Applications labeled “None” are not accessible to the user.
Modify a user’s App role setting by clicking on the label and selecting either Read, Write, or Admin from the dropdown.
Confirm the settings by selecting the “Set Permissions” button at the bottom right of the panel, or cancel the settings by selecting the “Back” button.

List of App role permissions

Permission	Read	Write	Admin
View all organizations a user has access to in My Organizations	Y	Y	Y
View an organization’s Primary Contacts	Y	Y	Y
View the application(s) which the user was granted access to and its environments	Y	Y	Y
View a list of Database Backups	Y	Y	Y
View Basic Authentication	Y	Y	Y
View logs for Deployments to an environment	Y	Y	Y
Retrieve a list of environment variables	Y	Y	Y
View Health — Monitor	Y	Y	Y
View HSTS settings	Y	Y	Y
View the IP Allow List	Y	Y	Y
View a list of Network Sites on a WordPress multisite environment	Y	Y	Y
View Software Management settings of an environment	Y	Y	Y
View a list of WP-CLI Commands run with VIP-CLI	Y	Y	Y
View a list of Media Backups		Y	Y
Perform a data sync		Y	Y
View detailed build logs for Deployments		Y	Y
View, add, edit, and remove an environment’s domains		Y	Y
Start a database import to an environment		Y	Y
View Health — Logs		Y	Y
Start a media import to an environment		Y	Y
Abort a media import		Y	Y
Check the status of the current or most recent media import or database import		Y	Y
Launch a site on a WordPress environment		Y	Y
Update the Software Management settings		Y	Y
Manage a domain’s custom TLS certificate		Y	Y
Manage a domain’s Let’s Encrypt TLS certificate		Y	Y
Run WP-CLI commands with VIP-CLI		Y	Y
View a list of an application’s events in the Audit Log			Y
Enable, update, and disable Database Backup Shipping			Y
Download a Database Backups file			Y
Download a Media Backups file			Y
Add a new user to Basic Authentication			Y
Edit user credentials for Basic Authentication			Y
Delete a user in Basic Basic Authentication			Y
Add, update, and delete environment variables			Y
Enable, update, and disable HSTS			Y
Purge URLs from the page cache			Y
Add an IP to the IP Allow List			Y
Delete an IP from the IP Allow List			Y
Enable, update, and disable HTTP request Log Shipping			Y

Last updated: April 03, 2023

Relevant to

Node.js
WordPress