logged in user temporarily drop a role


We are developing an app with dashboards which are only shown if the current user has certain Splunk roles, this roles also grant access to the specific indexes.
The developers have all this roles, but in order to see the app as a user with a certain role would see it, they need to be able to temporarily drop some roles they own. Any idea except creating test users?
BTW, the developers don't get the admin role 😉

0 Karma


I don't see any way that won't be MUCH more of a headache than giving your developers each a user account, or collective access to test user ids to check out. Any such facility would mean that the developer's actual role was always in flux on the system. That will lead, at the very least, to lots of noise in your tracking of auth updates, and at worst to random errors due to developers not having expected roles at times they need them.


Is it the user wants to know which access he has on the dashboard panel ?

If yes , try this

| rest /services/authentication/current-context splunk_server=local | table title roles username | rename roles as title | mvexpand title

0 Karma
Get Updates on the Splunk Community!

Splunk Observability Cloud | Customer Survey!

If you use Splunk Observability Cloud, we invite you to share your valuable insights with us through a brief ...

Happy CX Day, Splunk Community!

Happy CX Day, Splunk Community! CX stands for Customer Experience, and today, October 3rd, is CX Day — a ...

.conf23 | Get Your Cybersecurity Defense Analyst Certification in Vegas

We’re excited to announce a new Splunk certification exam being released at .conf23! If you’re going to Las ...