Developer

This user type has the rights to edit, update & remove the Permission & Permission sets. The users can only create & grant revoke application roles to Groups/ Users.

• The Developer will be assigned the Developer and Restricted Developer permission sets by default.
• Depending on the permission sets the Developer will be assigned following permissions by default.

Description	Remarks
Developer
Applications\Can Read All Applications	This permission gives you the right to read all applications
Restricted Developer:	This user type has permissions to edit applications, permission, user and role of the applications for which the user is the member of ‘Membership manager’ role
Applications\Can Read Application	This permission gives you the right to read applications for which you have the role “Membership Manager”.
Applications\Can Update Application	This permission gives you the right to update an application.
Audit and Reporting\Can Read Event Log	This permission gives you the right to read an Event Log.
Audit and Reporting\Can Read Group	This permission gives you the right to read group.
Permissions\Can Create Permission	This permission gives you the right to create a permission.
Permissions\Can Delete Permission	This permission gives you the right to delete a permission.
Permissions\Can Read Permission	This permission gives you the right to read a permission.
Permissions\Can Update Permission	This permission gives you the right to update a permission.
Permission Sets\Can Create Permission Set	This permission gives you the right to create a permission Set.
Permission Sets\Can Delete Permission Set	This permission gives you the right to delete a permission Set.
Permission Sets\Can Grant Revoke Permission Sets To Application Roles	This permission gives you the right to grant or revoke the permission sets of the application roles.
Permission Sets\Can Grant Revoke Permission Sets To Shared Roles	This permission gives you the right to grant or revoke the permission sets of the shared roles.
Permission Sets\Can Read Permission Set	This permission gives you the right to read permission Set.
Permission Sets\Can Update Permission Set	This permission gives you the right to update a permission Set.
Roles\Can Create Application Role	This permission gives you the right to create an application role.
Roles\Can Grant Revoke Application Roles To Groups	This permission gives you the right to grant or revoke application roles to groups.
Roles\Can Grant Revoke Application Roles To Users	This permission gives you the right to grant or revoke application roles to users.
Roles\Can Read Application Role	This permission gives you the right to read an application role.
Roles\Can Read Shared Role	This permission gives you the right to read a shared role.
Roles\Can Update Application Role	This permission gives you the right to update an application role.

• To explore the impact of permissions please click on the relevant link below:

Impact of Developer Role on Applications

This module explains the impact on the applications if the user has been granted Developer Role.

• The User will be assigned following permissions:

Description	Remarks
Can Read All Applications	This permission gives access to read all applications.
Can Read Application	This permission gives you the right to read applications for which you have the role “Membership Manager”.
Can Update Application	This permission gives you the right to update an application.

• Once the user logs in using the assigned mode of authentication, the following screen will be displayed:

• Since the user has permissions to Can Read All Applications and Can Read Application, the Can Read All Applications will override.
• The user will be able to view list of all the applications (A).
• The user can click on the Application name to view the application information as shown below:

• The application information will be available in an editable mode since the user has Can Update Application privilege.
• The user can update information related to all the applications.

Impact of Developer on Audit and Reporting

This module explains the impact on the audit and reporting if the user has been granted Developer Role.

• The User will be assigned following permissions:

Description	Remarks
Can Read Event Log	This permission gives you the right to read an Event Log.

• Once the user logs in using the assigned mode of authentication, the following screen will be displayed:
• The user will be able to view list of all the applications (A).

• Can Read Event Log permission allows access to view the event log as shown below:

 
Impact of Developer Role on Groups

This module explains the impact on the groups if the user has been granted Developer Role.

• The User will be assigned following permissions:

Description	Remarks
\Groups\CanReadGroup	This permission gives access to read a group for which you have the role “Membership Manager”.

• Once the user logs in using the assigned mode of authentication, the following screen will be displayed:
• The user will be able to view list of all the applications (A).

• Since the user has permissions to Can Read Groups, the user will be able to view the group that has been assigned to the user.
• The parent groups of the assigned group will also be displayed.

• The privileges that are available to the user will depend on the user and the group privileges.

Impact of Developer Role on Permissions

This module explains the impact on the permissions if the user has been granted Developer Role.

• The User will be assigned following permissions:

Description	Remarks
Can Create Permission	This permission gives you the right to create a permission.
Can Delete Permission	This permission gives you the right to delete a permission.
Can Read Permission	This permission gives you the right to read a permission.
Can Update Permission	This permission gives you the right to update a permission.

• Once the user logs in using the assigned mode of authentication, the following screen will be displayed.
• The user will be able to view list of all the applications (A).

• Since the user has permissions to Create, Delete, Read and Update permissions, the user will be able to update existing permission besides having the privilege to create the permission.
• Additionally the user can manage the other permission related properties using the available options.

Impact of Developer Role on Permission Sets

This module explains the impact on the permission sets if the user has been granted Developer Role.

• The User will be assigned following permissions:

Description	Remarks
Can Create Permission Set	This permission gives you the right to create a permission Set.
Can Delete Permission Set	This permission gives you the right to delete a permission Set.
Can Grant Revoke Permission Sets To Application Roles	This permission gives you the right to grant or revoke the permission sets of the application roles.
Can Grant Revoke Permission Sets To Shared Roles	This permission gives you the right to grant or revoke the permission sets of the shared roles.
Can Read Permission Set	This permission gives you the right to read permission Set.
Can Update Permission Set	This permission gives you the right to update a permission Set.

• Once the user logs in using the assigned mode of authentication, the following screen will be displayed.
• The user will be able to view list of all the applications (A).

• In addition to the privilege to create permission sets, the user has permission to Create, Delete, Read and Update permission sets, and thus will be able to update existing permission sets.
• Additionally the user can manage the other permission set related properties using the available options. 

• Since the user has also been granted the Can Grant Revoke Permission Sets to Application Roles privilege the user can Grant permission sets to the selected role as shown below.

• The user can also grant the permission set to the Shared roles, since the user has Can Grant Revoke Permission Sets to Shared Roles privilege.

 

Impact of Developer Role on Roles

This module explains the impact on the roles if the user has been granted the Developer Role.

• The User will be assigned following permissions:

Description	Remarks
Can Create Application Role	This permission gives you the right to create an application role.
Can Grant Revoke Application Roles To Groups	This permission gives you the right to grant or revoke application roles to groups.
Can Grant Revoke Application Roles To Users	This permission gives you the right to grant or revoke application roles to users.
Can Read Application Role	This permission gives you the right to read an application role.
Can Read Shared Role	This permission gives you the right to read a shared role.
Can Update Application Role	This permission gives you the right to update an application role.

• Once the user logs in using the assigned mode of authentication, the following screen will be displayed:
• The user will be able to view list of all the applications (A).

• The user can create a new role under an application, since the user has Can Create Application Role privilege.

• The new role will be listed under the Application>Roles option. The user can view the role details by clicking on the role name as shown below:

• Since the user has also been granted the Can Grant Revoke Application Roles To Users privilege the user can grant/revoke new roles to user using options “grant role to users” & “Revoke role from users”  available under tab “Granted User”

Please Note: You can also grant/revoke roles of users Users> Username> Roles> Edit Roles option. Click here (missing link) to know more.

• Grant role to users: When you select option “Grant role to users” you are provided with a screen to select users to whom the role is to be assigned.

Once the users are successfully assigned to the Group, below message will appear

• Revoke role from users: When you select option “Revoke role from users”  you will be asked for confirmation, as shown below:

Once confirmed by clicking on option “YES” , the role will be successfully revoked and below message will appear:

• The user can also grant the new role to the groups, since the user has Can Grant Revoke Application Roles To Groups privilege.

• The new role will be listed under the application under which it has been created. The user can select and grant this new role.

• Since the user has Can Read System Role privilege the system role information will be displayed in read only mode.
• Since the user has Can Read Shared Role privilege the shared role information will be displayed in read only mode.

• Additionally the Can Read Special Role privilege will allow the special role information to be displayed in read only mode.

• Since the user has Can Read Application Role and Can Update Application Role privileges, the user can view and update existing application role information role details.
• To update the role information click on the role name under Applications> Role.

See Also:

• Special Roles
• Impact of granting multiple roles 
• Special Roles & Permission Matrix