Interactions between environment and flag roles
How environment and flag granular permission roles interact in Optimizely Feature Experimentation.
Before you manage environment roles and flag roles, it is important to understand how flags and environments interact in a Feature Experimentation project.
Each flag rule operates within a specific environment, and the collection of a flag’s rules in an environment is called a ruleset. When applying granular permissions, the lower of the two roles (flag or environment) determines what actions a collaborator can perform within a ruleset.
When a collaborator creates a flag, they are automatically assigned the Admin role for that flag.
Note
To create a flag or audience, a collaborator must have Editor or above access in at least one environment.
If your project does not use granular permissions, the collaborator must have an Editor or above project role.
The following diagram shows example flag and environment role combinations, along with the resulting ruleset permissions where each flag and environment intersect:
Note
The maximum permission in a ruleset is Publisher. An entity Admin can manage permissions for that entity but is still considered at most a Publisher within a ruleset.
The following permission matrix outlines how combinations of environment and flag roles influence what actions you can take within a ruleset.
| Environment role | Flag role | Effective permission in ruleset |
|---|---|---|
| Admin | Admin | Publisher – Can publish and edit rules and manage permissions. |
| Admin | Editor | Editor – Can edit but not publish rules. |
| Admin | Viewer | Viewer– Can view rules only. |
| Publisher | Admin | Publisher |
| Publisher | Editor | Editor |
| Publisher | Viewer | Viewer |
| Editor | Admin | Editor |
| Editor | Editor | Editor |
| Editor | Viewer | Viewer |
| Viewer | Admin | Viewer |
| Viewer | Editor | Viewer |
| Viewer | Viewer | Viewer |
Updated 15 days ago