This article describes how to create a custom admin role that supports removing users from application assignments.
- Custom Admin Roles
- Application Assignments
Custom admin roles with only the Edit user's application assignments and Edit application's user assignments permissions can assign users to applications, but can no longer remove them.
When the custom admin only has these permissions, the Assignments tab of an application (in the Admin Console under Applications > Applications > Application Name) will not display any user assignment details. Since user removals are performed from this tab, the admin cannot remove users from the application.
To allow user removal from application assignments, add the "View application and their details" permission to the custom admin role.
- In the Admin Console, go to Security > Administrators.
- Select the Roles tab from the top or Custom roles from Administrator's Overview section.
- Check for the custom admin role that needs to be updated, select Edit > Edit role:
- Ensure the following role permissions are selected:
-
- User
- Edit the user's application assignments.
- Application
- View the application and its details.
- Edit the application's user assignments.
- User
- Upon completion, select the Save role button located at the top right of the Edit role section.
