I have installed the S.o.S - Splunk on Splunk app. I want only the admin user to have access (view) to this app. I set the permissions on this app to Read/Write admin only. But when I login with another user, I still can start the S.O.S application. This should not be possible.
i've just done the same, but im not able to start the app as a user. Does your user/user-role inherits form other roles?
If your user/user-role somehow inherits from the admin-role or gets the admin_all_objects capabilitiy the user will always see the app. To make sure thats not the point check the "Selected capabilities" and the "Imported capabilities" for your user-role.