Your accountRolesManaging role assignments

Assigning roles to members

Overview

This topic explains how to assign roles to members in LaunchDarkly.

How base roles interact with additional member roles

Every organization using LaunchDarkly is made up of members. Members are people who work for your organization or use your organization’s LaunchDarkly account.

You assign roles directly to members when you invite them to LaunchDarkly. You must assign a role to each member when they are invited, even if that role allows no access.

If a member is directly assigned a role, such as a preset role or a role that you create, that role is used instead of the member’s base role to determine the member’s access.

In contrast, if a member is given a role as part of a team, that role is used in addition to the member’s base role to determine the member’s access. To learn more, read How team roles interact with individual member roles.

Assign roles to new members on invite

When you invite a new member to your LaunchDarkly account, you must assign them a role as part of creating the invitation, even if that role does not allow any access.

To learn how, read Add members to LaunchDarkly.

Assign roles to existing members

To assign a role to an existing member:

  1. Click the gear icon in the left sidenav to view Organization settings.

  2. Click Members. The Members list appears.

  3. Find the account member you wish to give a role.

  4. Click that account member’s name. The member’s Access tab opens.

  5. Click Assign access. The “Assign access” dialog appears.

  6. Choose a role from the dropdown.

  7. (Optional) If the role includes a role attribute, enter a value for the attribute and click Enter. For example, if the role includes a role scope with a role attribute of developerProjectKey, enter a project key in the Resources field:

    A member's "Assign access" dialog, with a role attribute and resource specified for the role being assigned to this member.

    A member's "Assign access" dialog, with a role attribute and resource specified for the role being assigned to this member.

  8. Click Assign access. You are returned to the Access tab.

The account member’s access is defined by the assigned roles. If you assign multiple roles and the roles have conflicting permissions levels, the more permissive level of access is applied. For example, if a member has one role that allows access to a resource, and another role that restricts access to a resource, the member is allowed access.

You can also use the REST API: Modify an account member

Use Teams to assign roles to multiple members

You can use the Teams feature to group a set of members and assign them all the same roles. To learn more, read Teams.

You can also assign roles through your IdP with SSO or SCIM. For an in-depth guide on how to use roles with IdPs, read Creating roles.