Permission management

Dynatrace lets you manage user permissions based on user account membership in user groups. You can manage these accounts and groups locally through LDAP or through an IdP.

Working with policies

Define policies that clearly specify whether an action in Dynatrace is allowed.

Account Management permissions

Manage permissions required to use Account Management capabilities.

Basic concepts

To manage user permissions, assign permissions to user groups and then add user accounts to user groups.

Each group contains a set of permissions.
The group name must be unique. The same group names are not supported within a single account.

Use policies and bind them to groups to manage your user permissions.

Each user account is assigned to one or more groups.
Each user account that is assigned to a group inherits the permissions of that group.
When you change the permissions of a group, the permissions of each user account in that group change accordingly.
When you assign a user account to multiple groups, the user account inherits the combined permissions of all those groups.