Interactions between environment and flag roles
How environment and flag granular permission roles interact in Optimizely Feature Experimentation.
Understanding projects, entities, and the relationship between flags and environments is crucial when configuring granular permissions. You must understand this document before managing environment roles and flag roles.
Each flag rule operates within a specific environment, and the collection of a flag’s rules in an environment is called a ruleset. When applying granular permissions, the lower of the two roles (flag or environment) determines what actions a user can perform within a ruleset.
The following diagram shows example flag and environment role combinations, along with the resulting ruleset permissions where each flag and environment intersect:
Note
The maximum permission in a ruleset is Publisher. An entity Admin can manage permissions for that entity but is still considered at most a Publisher within a ruleset.
The following permission matrix outlines how combinations of environment and flag roles influence what actions you can take within a ruleset.
| Environment role | Flag role | Effective permission in ruleset |
|---|---|---|
| Admin | Admin | Publisher (Can publish and edit rules and manage permissions) |
| Admin | Editor | Editor (Can edit but not publish rules) |
| Admin | Viewer | Viewer (Can view rules only) |
| Publisher | Admin | Publisher |
| Publisher | Editor | Editor |
| Publisher | Viewer | Viewer |
| Editor | Admin | Editor |
| Editor | Editor | Editor |
| Editor | Viewer | Viewer |
| Viewer | Admin | Viewer |
| Viewer | Editor | Viewer |
| Viewer | Viewer | Viewer |
Updated 2 months ago