You can assign service roles for the vRealize Orchestrator Client in the Identity & Access Management page in vRealize Automation. Service roles can be assigned for the embedded vRealize Orchestrator Client and standalone vRealize Orchestrator instances authenticated with vRealize Automation.

vRealize Orchestrator service roles manage what features of the embedded vRealize Orchestrator Client users can access. For more information vRealize Orchestrator roles, see Managing vRealize Orchestrator Client Roles and Groups.
Note: Standalone vRealize Orchestrator instances authenticated with vSphere that use a vRealize Automation license can assign roles directly in the vRealize Orchestrator Client. See Assign Roles in the vRealize Orchestrator Client.

Prerequisites

Appropriate users and groups are imported from a valid vIDM instance.

Procedure

  1. From the top-right header drop-down menu, select the Identity & Access Management option.
  2. On the Active Users tab, search for the email address of the user you want to assign to vRealize Orchestrator.
  3. Select the check box next to the user, and click Edit Roles.
  4. Click Add Service Access.
  5. From the left drop-down menu, select Orchestrator.
  6. From the right drop-down menu, select the role you want to assign to the user.
  7. Click Save.