Understanding Role Permissions
Akto uses a role-based access control system to manage user permissions. Each role has a specific set of permissions that determine what actions a user can perform within the platform.
Role Types
Admin
Full system administrator with complete control over all features. Can manage users, settings, and perform all administrative actions.
Security Engineer
Primary role for security testing and analysis. Has full access to testing features and API Inventory.
Developer
Technical role focused on integration and development. Has view access to security features and can manage integration settings.
Guest
Basic viewer role with view-only access to most features. Can view but cannot modify API Inventory.
Role Hierarchy
Feature Access & Descriptions
Legend
✅ Edit & View
👁️ View Only
API Inventory
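| Feature | Admin | Security Engineer | Developer | Guest | Description |
| --- | --- | --- | --- | --- | --- |
| API Collections | ✅ | ✅ | 👁️ | 👁️ | Manage and organize API endpoints |
| Traffic Filters | ✅ | ✅ | 👁️ | 👁️ | Configure API traffic filtering rules |
| Sample Data | ✅ | ✅ | 👁️ | 👁️ | Access to API sample data |
| Tags | ✅ | ✅ | 👁️ | 👁️ | Organize resources with tags |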
Testing Capabilities
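| Feature | Admin | Security Engineer | Developer | Guest | Description |
| --- | --- | --- | --- | --- | --- |
| Test Run | ✅ | ✅ | 👁️ | 👁️ | Initialize security tests |
| Test Results | ✅ | ✅ | 👁️ | 👁️ | View and analyze test outcomes |
| Test Editor | ✅ | ✅ | 👁️ | 👁️ | Create/modify test cases |
| Issues | ✅ | ✅ | 👁️ | 👁️ | Manage security issues |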
Settings
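| Feature | Admin | Security Engineer | Developer | Guest | Description |
| --- | --- | --- | --- | --- | --- |
| Integrations | ✅ | 👁️ | ✅ | 👁️ | Manage third-party integrations |
| Billing | ✅ | 👁️ | 👁️ | 👁️ | Access billing and subscription |
| User Management | ✅ | 👁️ | 👁️ | 👁️ | Manage user accounts and roles |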
Monitoring & Analysis
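| Feature | Admin | Security Engineer | Developer | Guest | Description |
| --- | --- | --- | --- | --- | --- |
| Metrics | ✅ | ✅ | 👁️ | 👁️ | View system performance metrics |
| Logs | ✅ | ✅ | 👁️ | 👁️ | Access system logs |
| Sensitive Data | ✅ | ✅ | 👁️ | 👁️ | Manage sensitive data detection |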
Common Features
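| Feature | Admin | Security Engineer | Developer | Guest | Description |
| --- | --- | --- | --- | --- | --- |
| Ask GPT | ✅ | ✅ | 👁️ | 👁️ | AI-assisted analysis |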
Custom Roles
Organizations can create custom roles to meet specific business needs by combining permissions from different standard roles. To create and manage custom roles, check the Custom roles documentation.