Assign roles to users or user groups

Overview

In NGINX Instance Manager, role-based access control (RBAC) lets you assign permissions to users or user groups based on their roles in the organization. This ensures that users only have access to the features they need. Before assigning roles, make sure you’ve created the necessary users or user groups. This guide covers how to assign roles to users using basic authentication and to user groups when using an OpenID Connect (OIDC) identity provider.

Before you begin

First steps: Create users or user groups

Make sure you’ve already created users or user groups that can be assigned roles. If not, follow these guides:

Assign roles to users (basic authentication)

To assign roles to a user in NGINX Instance Manager, follow these steps:

  1. In a web browser, go to the FQDN for your NGINX Instance Manager host and log in.
  2. Select the Settings gear icon in the upper-right corner.
  3. From the left navigation menu, select Users.
  4. Select a user from the list, then select Edit User.
  5. In the Roles list, choose the role(s) you want to assign to the user.
  6. Select Save.

Assign roles to user groups (OIDC)

User groups require an OIDC identity provider
User groups require an external identity provider configured for OpenID Connect (OIDC) authentication, as described in Getting started with OIDC. Users from an external identity provider cannot be assigned roles directly in NGINX Instance Manager. Instead, they inherit roles based on their group membership.

To assign roles to a user group, follow these steps:

  1. In a web browser, go to the FQDN for your NGINX Instance Manager host and log in.
  2. Select the Settings gear icon in the upper-right corner.
  3. From the left navigation menu, select User Groups.
  4. Select a user group from the list, then select Edit.
  5. In the Roles list, choose the role(s) you want to assign to the group.
  6. Select Save.
Last modified November 8, 2024