Default Roles

Role	Permissions
Administrators (Role)	Administrators is the common system administrator role for the AgilePoint NX Portal. Any registered AgilePoint NX user can be assigned the Administrators role. There is no limit to the number of users who can be assigned the Administrators role. The Administrators role is subordinate to the Tenant Administrator. In addition to being master users for an AgilePoint NX Portal tenant, users with the Administrators role also serve as the Global Permissions Manager for apps created in App Builder.. Note: The Administrators role is different from the AgilePoint NX System Administrator. The AgilePoint NX System Administrator is one person, independent of any accounts or permissions. Administrators is a security role that can be assigned to any NX Portal user. You can have more than one AgilePoint NX account with the Administrators role. The default Administrators role is not the only type of administrator level role that you can create in AgilePoint NX. You can create custom administrator-level roles with different access rights. Unlike Data Entities and Page Builder, App Builder does not have a Global Permission Manager permission group. By default, global permissions for apps are managed by users with the Administrators role. You can create new roles for managing global permissions in App Builder if you do not want those users to have full administrator access rights. Access Rights: By default, the Administrators role has all access rights in AgilePoint NX, except the following: Permissions reserved for the Tenant Administrator. For more information, refer to Administrator Types. The AgilePoint NX Administrators role has the access rights associated with the Report Viewer role in Analytics Center. For more information, refer to Add Role > Configure Access Rights > Analytics tab. For a full list of access rights in AgilePoint NX, refer to Access Rights. When permission groups are enabled, the Administrators role serves the function of a global permission manager for App Builder.
Application Runtime Managers (Role)	Application Runtime Managers is a role for users or groups who have access rights to administer apps. In addition to creating apps in App Builder, Application Runtime Managers can perform more administrative tasks, such as managing delegations, starting and stopping process instances, and canceling activities. Access Rights: Update The User's Own Profile Add, Remove, And Modify Global Application Resources View Global Application Resources Create, Update, Remove Custom Views And Quick Launch Initiate A Process Suspend And Resume A Process Resend And Cancel An Email Notification Cancel A Process Rollback A Process Archive And Restore Processes View Process Details Reassign A Task Cancel A Task Create A Task Create, Update, And Remove Delegations Complete System Activities (Automated Tasks) Create, Update, And Remove Shared Variables Update Variables View Variables Allow To Execute QueryDatabase() And QueryDatabaseEx() Enable Work Center Access Enable Announcements And System Notification Access Enable Analytics Center Access Enable App Builder Access Enable Manage Center Access Create, Delete, And Import Apps Publish Apps Create, Update, And Remove Application Resources Check In And Check Out Application Resources Create Process Models Check In And Check Out Process Models Delete Process Models Release A Process Model Manage Configuration Settings
Application Designers (Role)	Application Designers is a role for users or groups who have access rights to create, change, or delete any app in App Builder. If permission groups are disabled, the Application Designers and Citizen Developers roles effectively have the combined permissions for the global level App Designers and Entity Designers permission groups. However, users with the Application Designers role maintain their access to Manage Center and Settings, even if permission groups are enabled. Note: If the AgilePoint NX Portal settings for permission groups are enabled for an AgilePoint NX tenant, the Application Designers and Citizen Developers roles are ignored, and only the App Designers and Entity Designers permission groups are considered for access to an app or entity. This means that if permission groups are enabled, you must configure permission groups in both App Builder and Data Entities. Access Rights: Update The User's Own Profile Reassign Own Task Cancel Own Tasks Initiate A Process View Process Details Cancel Own Process Instances Enable Work Center Access Enable Collaboration Access Enable Analytics Center Access Enable App Builder Access Enable Manage Center Access Create, Delete, And Import Apps Publish Apps Create, Update, And Remove Application Resources Check In And Check Out Application Resources Enable Anonymous End User Access Create Process Models Check In And Check Out Process Models Delete Process Models Release A Process Model Manage Configuration Settings The Application Designers role does not have these access rights from the Citizen Developers role: Undo Check Out The User's Own Files
Citizen Developers (Role)	Citizen Developers is a role for users or groups who have access rights to create, change, or delete any app in App Builder. The Citizen Developers role is similar to the App Designers role, but they have slightly different access rights. The Citizen Developers role does not have access to Manage Center or Settings. If permission groups are disabled, the Application Designers and Citizen Developers roles effectively have the combined permissions for the global level App Designers and Entity Designers permission groups. However, users with the Application Designers role maintain their access to Manage Center and Settings, even if permission groups are enabled.. Note: If the AgilePoint NX Portal settings for permission groups are enabled for an AgilePoint NX tenant, the Application Designers and Citizen Developers roles are ignored, and only the App Designers and Entity Designers permission groups are considered for access to an app or entity. This means that if permission groups are enabled, you must configure permission groups in both App Builder and Data Entities. Access Rights: Undo Check Out The User's Own Files These access rights from the Application Designers role: Update The User's Own Profile Initiate A Process View Process Details Cancel Own Process Instances Cancel Own Tasks Reassign Own Task Enable Work Center Access Enable Analytics Center Access Enable App Builder Access Enable Collaboration Access Create, Delete, And Import Apps Publish Apps Create, Update, And Remove Application Resources Check In And Check Out Application Resources Enable Anonymous End User Access Create Process Models Check In And Check Out Process Models Release A Process Model The Citizen Developers role does not have these access rights from the Application Designers role: Enable Manage Center Access Delete Process Models Manage Configuration Settings
Users (Role)	Users is the default role for runtime app users. Users with the Users role can access apps, processes, and tasks in Work Center. Access Rights: Update The User's Own Profile Initiate A Process Enable Work Center Access Create, Update, And Remove Application Resources
Roles in Analytics Center	The Analytics Center component uses roles that are collections of access rights, similar to other roles in AgilePoint NX. However, in the AgilePoint NX Portal, Analytics Center roles are applied as access rights or permissions, rather than roles. You can apply Analytics roles as access rights in Roles. You can associate an AgilePoint role to the Analytics permission group for Data Entities. The Analytics permission group gets the access rights configured for the AgilePoint role. You can create new roles in the Analytics settings, but these roles cannot be used in other AgilePoint NX components.

Administrators

(Role)

Administrators is the common system administrator role for the AgilePoint NX Portal. Any registered AgilePoint NX user can be assigned the Administrators role. There is no limit to the number of users who can be assigned the Administrators role. The Administrators role is subordinate to the Tenant Administrator. In addition to being master users for an AgilePoint NX Portal tenant, users with the Administrators role also serve as the Global Permissions Manager for apps created in App Builder..

Note: The Administrators role is different from the AgilePoint NX System Administrator. The AgilePoint NX System Administrator is one person, independent of any accounts or permissions. Administrators is a security role that can be assigned to any NX Portal user.

You can have more than one AgilePoint NX account with the Administrators role.
The default Administrators role is not the only type of administrator level role that you can create in AgilePoint NX. You can create custom administrator-level roles with different access rights.
Unlike Data Entities and Page Builder, App Builder does not have a Global Permission Manager permission group. By default, global permissions for apps are managed by users with the Administrators role.
You can create new roles for managing global permissions in App Builder if you do not want those users to have full administrator access rights.

Access Rights:

By default, the Administrators role has all access rights in AgilePoint NX, except the following:
- Permissions reserved for the Tenant Administrator.
  For more information, refer to Administrator Types.
- The AgilePoint NX Administrators role has the access rights associated with the Report Viewer role in Analytics Center.
  For more information, refer to Add Role > Configure Access Rights > Analytics tab.
For a full list of access rights in AgilePoint NX, refer to Access Rights.
When permission groups are enabled, the Administrators role serves the function of a global permission manager for App Builder.

Application Runtime Managers

(Role)

Application Runtime Managers is a role for users or groups who have access rights to administer apps. In addition to creating apps in App Builder, Application Runtime Managers can perform more administrative tasks, such as managing delegations, starting and stopping process instances, and canceling activities.

Access Rights:

Update The User's Own Profile
Add, Remove, And Modify Global Application Resources
View Global Application Resources
Create, Update, Remove Custom Views And Quick Launch
Initiate A Process
Suspend And Resume A Process
Resend And Cancel An Email Notification
Cancel A Process
Rollback A Process
Archive And Restore Processes
View Process Details
Reassign A Task
Cancel A Task
Create A Task
Create, Update, And Remove Delegations
Complete System Activities (Automated Tasks)
Create, Update, And Remove Shared Variables
Update Variables
View Variables
Allow To Execute QueryDatabase() And QueryDatabaseEx()
Enable Work Center Access
Enable Announcements And System Notification Access
Enable Analytics Center Access
Enable App Builder Access
Enable Manage Center Access
Create, Delete, And Import Apps
Publish Apps
Create, Update, And Remove Application Resources
Check In And Check Out Application Resources
Create Process Models
Check In And Check Out Process Models
Delete Process Models
Release A Process Model
Manage Configuration Settings

Application Designers

(Role)

Application Designers is a role for users or groups who have access rights to create, change, or delete any app in App Builder.

If permission groups are disabled, the Application Designers and Citizen Developers roles effectively have the combined permissions for the global level App Designers and Entity Designers permission groups. However, users with the Application Designers role maintain their access to Manage Center and Settings, even if permission groups are enabled.

Note: If the AgilePoint NX Portal settings for permission groups are enabled for an AgilePoint NX tenant, the Application Designers and Citizen Developers roles are ignored, and only the App Designers and Entity Designers permission groups are considered for access to an app or entity. This means that if permission groups are enabled, you must configure permission groups in both App Builder and Data Entities.

Access Rights:

Update The User's Own Profile
Reassign Own Task
Cancel Own Tasks
Initiate A Process
View Process Details
Cancel Own Process Instances
Enable Work Center Access
Enable Collaboration Access
Enable Analytics Center Access
Enable App Builder Access
Enable Manage Center Access
Create, Delete, And Import Apps
Publish Apps
Create, Update, And Remove Application Resources
Check In And Check Out Application Resources
Enable Anonymous End User Access
Create Process Models
Check In And Check Out Process Models
Delete Process Models
Release A Process Model
Manage Configuration Settings
The Application Designers role does not have these access rights from the Citizen Developers role:
- Undo Check Out The User's Own Files

Citizen Developers

(Role)

Citizen Developers is a role for users or groups who have access rights to create, change, or delete any app in App Builder.

The Citizen Developers role is similar to the App Designers role, but they have slightly different access rights. The Citizen Developers role does not have access to Manage Center or Settings.

If permission groups are disabled, the Application Designers and Citizen Developers roles effectively have the combined permissions for the global level App Designers and Entity Designers permission groups. However, users with the Application Designers role maintain their access to Manage Center and Settings, even if permission groups are enabled..

Note: If the AgilePoint NX Portal settings for permission groups are enabled for an AgilePoint NX tenant, the Application Designers and Citizen Developers roles are ignored, and only the App Designers and Entity Designers permission groups are considered for access to an app or entity. This means that if permission groups are enabled, you must configure permission groups in both App Builder and Data Entities.

Access Rights:

Undo Check Out The User's Own Files
These access rights from the Application Designers role:
- Update The User's Own Profile
- Initiate A Process
- View Process Details
- Cancel Own Process Instances
- Cancel Own Tasks
- Reassign Own Task
- Enable Work Center Access
- Enable Analytics Center Access
- Enable App Builder Access
- Enable Collaboration Access
- Create, Delete, And Import Apps
- Publish Apps
- Create, Update, And Remove Application Resources
- Check In And Check Out Application Resources
- Enable Anonymous End User Access
- Create Process Models
- Check In And Check Out Process Models
- Release A Process Model
The Citizen Developers role does not have these access rights from the Application Designers role:
- Enable Manage Center Access
- Delete Process Models
- Manage Configuration Settings

Users

(Role)

Users is the default role for runtime app users. Users with the Users role can access apps, processes, and tasks in Work Center.

Access Rights:

Update The User's Own Profile
Initiate A Process
Enable Work Center Access
Create, Update, And Remove Application Resources

Roles in Analytics Center

The Analytics Center component uses roles that are collections of access rights, similar to other roles in AgilePoint NX. However, in the AgilePoint NX Portal, Analytics Center roles are applied as access rights or permissions, rather than roles.

You can apply Analytics roles as access rights in Roles.
You can associate an AgilePoint role to the Analytics permission group for Data Entities. The Analytics permission group gets the access rights configured for the AgilePoint role.
You can create new roles in the Analytics settings, but these roles cannot be used in other AgilePoint NX components.

Default Roles

OOTB Roles in AgilePoint NX