Overview
Grant permissions to your engagement members by assigning them to a group with the appropriate permissions.
You can assign multiple roles per group and multiple groups per user. Groups allow you to set up your teams and grant the right team permissions to the various areas on the platform. HackerOne Organization administrators can set these access rights for groups on your program.
Below are the available roles with the permissions granted to each.
Roles
Each role has its own permissions. You can assign multiple roles to each group if you want to combine permissions.
Organization Admin
Manage engagements
Assign permissions
Program Admin
Complete the self-setup form
Read reports
Write internal comments
Report Manager
Read reports
Write public comments
Request retests
Read Only
Read reports
Adding a New Group
To add a new group and set access rights:
Go to Organization Settings > Groups.
Click Add new group.
Write the name of the group in the Group name field.
Fill out the three optional fields as desired
Organization access and permissions
Engagements and reports permissions
Asset access and permissions
Select the permissions you want to enable for the group and click Add group in the bottom right-hand corner.
Adding & Removing Users
To add or remove users from a group:
Go to Organization settings > Groups
Click the kabob menu (three vertical dots) next to the group you are adding a member to
Click Edit group
Click Add another user to add a new member
OR
Click the trash icon to the right to remove a user from the group
You can also edit the groups an individual is part of:
Go to Organization settings > Users
Search for the user
Click the user’s name
Go to the Groups tab
Click Manage groups for this user
Use the dropdown to add or remove groups, then click Save.
