Skip to main content
Skip table of contents

Does Mend support role-based access controls (RBAC)?

Yes.
Mend features an assortment of useful roles and entitlements that define the scope of functional and management permissions that may be granted to users. Customers may associate users with such roles and entitlements directly, or create new groups with non-administrative permissions that will be associated with entitlements.
Note: customers preferring to employ SAML-based authentication, can map user groups in the pertinent authoritative source (e.g., Microsoft Active Directory) to Mend roles, by using a designated "Add Role" button to map Organization roles in Mend Groups.
Mend features the following built-in roles (and we’ll add more roles):

  • Admins (i.e., Administrators): this role is assigned to people who are approved to have control over an entire Organization, and has a broad set of permissions including many located on the Admin and Integrate tabs in the management UI. Special Administrator permissions include for example the ability to create, invite and remove users, add Products and Projects, modify policies, and access Organization, Product and Project settings including pertinent memberships; an Organization must always have at least one Administrator.

  • Users: this role possesses non-administrative permissions appropriate for most developers.

The following entitlements can be associated with Mend individual users or custom groups:

  • Approver: this entitlement is assigned to people approved to receive sent request tickets in the Organization. A Default Approver entitlement is assigned to the Organization creator by default, but any member of the Organization may be assigned this entitlement. Furthermore, each Product can be assigned an Approver as well, which will override the Default Approver assignment. An Organization must always have a Default Approver entitlement.

  • New Alerts Email Receivers: this entitlement is assigned to people approved to receive email notifications for alerts (Administrators receive such emails by default).

  • License and Copyright Assigners: this entitlement is assigned to people approved to manually override a license and copyright assignment provided automatically by the solution.

  • Alert Ignorers: this entitlement is assigned to people approved to be able to explicitly ignore an alert notification.

Administrators can control/view/define user access roles, and control who can do/view what within Mend.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close