Granting access to members or member roles

You can grant Read access to the secrets added to the classification in your project at the role level for members of a designated role. Additionally, you can provide Read and Write access to specific members. Without access to the classification, members cannot view, create, edit, delete, or use the secrets added to the classification.

Before you begin

You must be a project Owner and have completed the following tasks:

Created a project in Test Hub. See Managing DevOps Test Hub projects.
Added one or more users to your project. See Adding users to a project.
Created at least one classification. See Creating a classification.

Procedure

Log in to Test Hub.

The Projects page of the initial team space is displayed.
Click My projects > project_name to open the project that contains the test assets.

The Overview page of the project is displayed.
Click Manage > Security.
The Security page is displayed.
Click a classification in the list under Classification to which the secrets are added and for which you want to grant the access.
Select any of the following methods to grant access to a member:
- Select the checkbox for the specific role under Grant Read Only Access to roles to grant read only access to the members of a specific role. For example, if you select Tester, then all members in the project with a tester role are granted read only access to the selected classification. You can select any role or all the roles listed.
- Perform the following steps to grant read/write access to specific members:
  1. Click Add Members inline with Members with Read/Write Access.
    The Additional Members dialog is displayed.
  2. Enter the name or email ID to search the user or navigate through the list and select the member you want to grant access. You can select multiple members from the list.
    Important:
    Irrespective of the role that the member (Owner, Tester or Viewer) was assigned in the project, the access to the classification to which the secret is added must be specifically granted to the members from the Security page.
  3. Click Add Members.
    You granted the read/write access to the added members.
Select any of the following methods to revoke access to a member:
- Clear the checkbox for the specific role under Grant Read Only Access to roles, to revoke read only access to the members of a specific role. For example, if you clear the Tester checkbox then access for all members in the project with a tester role is revoked for the selected classification. You can select any role or all the roles listed.
- Click the Delete icon inline with the member name to remove the specific members from the Members with Read/Write Access list.
Notes:
- Any member with access to the classification can remove access to other members specifically added or of all members with a specific role.
- Members with access to the classification can remove themselves from the access list provided that there is at least one member in the list. After removing themselves, members cannot add themselves back to the access list and must be added by any of the other members in the list.

Results

You have added members from your project or members with specific role to the access list of people who can access secrets in the selected classification, or you have removed specific members or members with specific role from the access list.

What to do next

You can add secrets to the classifications for your project.