User accounts and permissions

Before AppScan® Source users can begin to scan or triage results, an administrator must create user accounts and assign permissions to the accounts.

Important: This topic applies only if you have upgraded to AppScan Source version 10.0.2 or higher from a 10.0.1 or earlier version of the product. New installations of AppScan Source version 10.0.2 do not have this functionality; all user administration of new AppScan Source installations occurs in AppScan Enterprise.

AppScan Source user permissions are stored in the AppScan Source Database and applied when a user is logged in to the AppScan Enterprise Server. Users that run AppScan Source for Development in local mode have full AppScan Source permissions.

When you create a user, you establish a role for that user and identify the permissions available for that user. Permissions identify the allowable AppScan Source tasks for that user. Tasks not specifically identified as part of a permission are available to all users.

Note: You cannot modify a user ID. You must delete the user account and recreate the user with the same user ID.


Permission Group	Permission
Application and Project Management	Register (Register and unregister applications and projects)
	Scan
	View Registered
	Manage Attributes
	Apply Attributes
Assessment Management	Delete Published Assessments
	Save Assessments
	Publish Assessments
	View Published Assessments
Knowledgebase Management	Manage Custom Rules
	Manage Patterns
Administration	Manage Users
	Manage AppScan Enterprise Settings
Filter Management	Manage Shared Filters
Scan Configurations	Manage Shared Configurations (sharing scan configurations and editing/deleting shared scan configurations)