Skip to main content
Oleria includes five built-in roles you can assign to users. Each role defines a specific set of permissions that controls what the user can see and do in the workspace. These default roles cannot be edited.

Built-in roles

When to assign each role

Administrator - assign to security leads and workspace owners who need to add users, configure integrations, and manage workspace settings. Keep the number of administrators small. Operator - assign to team members who need to connect integrations and use Adaptive Security features (Access Graph, Risk Monitoring, Activity Analysis, Account Utilization) but should not manage who has access to Oleria itself. Analyst - assign to stakeholders who need to view findings and run investigations but should not make configuration changes. This is the right role for auditors, compliance reviewers, or team members who consume reports. Governance Operator - assign to identity governance and compliance owners who run access reviews and manage identity lifecycle, access bundles, and access requests, but should not change integrations or manage who has access to Oleria. This role can view connected integrations for context without modifying them. Identity Lifecycle Operator - assign to identity lifecycle owners who manage identity lifecycle, access bundles, and access requests, but should not run access reviews, change integrations, or manage who has access to Oleria. This role can view connected integrations for context without modifying them.

Role permissions

Contact us

For questions, contact us at support@oleria.com.