Security
Highlighted

limit a role's capability according to app?

Communicator

Is it possible to limit a users role capability according to what app the user is in? For example, I would like all users assigned to role_my_test_role to have the ability to schedule searches when they are using my_test_app, but not when they are using other apps such as search. I tried adding a modified authorize.conf file to my_test_app, which granted role_my_test_role the ability to schedule searches, but it didn’t work. Instead of limiting the capability to my_test_app only, it was applied to entire system (all apps).

Tags (3)
Highlighted

Re: limit a role's capability according to app?

Splunk Employee
Splunk Employee

Nope, capabilities are scoped system-wide.

It seems like it would be quite a jumbled administrative mess if they were scoped per-app, and beyond that, I'm not sure I understand the utility of allowing users to schedule searches in one app but not in another.

View solution in original post