User Roles

Once you have configured authentication (SSO) for Asserts, you will be able to manage user access to functionality through our predefined roles in the User Directory located under the Settings menu.

These roles are VIEWER, EDITOR & OWNER. For a self-hosted installation, the first user to log into Asserts will be granted the OWNER role. Subsequent users are granted the VIEWER role upon logging in for the first time. A user with the OWNER role has permission to modify other users' role.

Role Permissions

RoleAccess Granted


  • Read-only access to all functionality


  • All VIEWER access

  • Configure rule thresholds

  • Manage alerts

  • Create custom dashboards

  • Manage SLOs

  • Manage integrations

  • List all users and roles

  • Configure Prometheus rules

  • Configure Prometheus relabel rules

  • Create users' own API access credentials

  • Configure AWS exporter configuration

  • Configure Asserts model rules

  • Manage trace configuration

  • Export/import configuration

  • View license usage


  • All EDITOR access

  • Change other users role

  • Enable/Disable Prometheus rules

  • Invite users (if enabled)

  • Grafana admin privileges

  • Configure AWS CloudWatch

  • Configure authentication

  • Manage license info

  • Manage Prometheus DataSources

  • Read raw tenant & base Prometheus rules

  • Configure tenant api credentials

Last updated