Permissions privileges control the assigning of roles and permissions.

The table describes permissions required for assigning roles and permissions.

You can set this privilege at different levels in the hierarchy. For example, if you set a privilege at the folder level, you can propagate the privilege to one or more objects within the folder. The object listed in the Required On column must have the privilege set, either directly or inherited.

Table 1. Permissions Privileges

Privilege Name


Required On

Permissions > Modify permission

Allows defining one or more permission rules on an entity, or updating rules if rules are already present for the given user or group on the entity.

To have permission to perform this operation, you must have this privilege assigned to both the object and its parent object.

Any object plus parent object

Permissions > Modify role

Allows updating a role's name and its privileges.

Any object

Permissions > Reassign role permissions

Allows reassigning all permissions of a role to another role.

Any object