You can have customized groups with different access rights on your program. HackerOne Organization administrators can set these access rights for groups on your program. All security programs start with Admin and Standard default groups with set permissions that you can't edit, but you can still add or remove users to these groups.
Adding a New Group
To add a new group and set access rights:
Go to Organization Settings > Groups.
Click Add new group.
Write the name of the group in the Group name field.
Fill out the three optional fields as desired
Organization access and permissions
Engagements and reports permissions
Asset access and permissions
Select the permissions you want to enable for the group and click Add group in the bottom right-hand corner. You can select from these options:
Option | Details |
Read only | View programs and reports and post internal comments on reports users can access |
Program admins | Edit settings and invite hackers on programs users can access |
Rewards | Suggest and award bounties on reports users can access |
Report | Edit reports users have access to |
Note: All groups can view reports and post internal comments by default.
To edit your group name and permissions:
Go to the Groups page in Organization settings
Click the kabob menu (three vertical dots)
Click Edit group
Adding or Removing Users
To add or remove users from a group:
Go to the Groups page in Organization settings
Click the kabob menu (three vertical dots)
Click Edit group
Click Add another user to add a new member
OR
Click the trash icon to the right to remove a user from the group