Admin console role-based security

  • Updated

The Admin Console employs .Net Membership Role-Based security. Each user is assigned one or more roles; these roles control fields and menu permissions in the Admin Console. The Admin Console includes several roles by default; however, additional roles may be created for security purposes or to implement additional customized functionality.

Users cannot grant themselves permissions that allow greater access than their current role:

  • The ISC_System role can assign any role. This is an Optimizely-only role and appears here for reference purposes only.
  • The ISC_Implementer role can assign any role other than ISC_System.
  • The ISC_Admin role can assign any role other than ISC_System and ISC_Implementer.

For each role, fields and menu security are managed from the Application Dictionary. ISC_System and ISC_Implementers can choose which roles can view, edit, create and delete content within the Admin Console.

Display Type Description
Hidden Field or menu will not be displayed
Visible Field or menu will display, but cannot be modified
Enabled Field or menu will display and can be modified