Each Role in Devolutions Hub has its own set of Permissions.
| PERMISSION | RESTRICTED | READERS | PRIVILEGED READERS | OPERATORS | PRIVILEGED OPERATORS | CONTRIBUTORS | vault OWNERS |
|---|---|---|---|---|---|---|---|
| View vault | |||||||
| View entries | |||||||
| Manage vault | |||||||
| Add entries | |||||||
| Edit entries | |||||||
| Delete entries | |||||||
| Connect (execute) | |||||||
| View password | |||||||
| View sensitive | |||||||
| View password history | |||||||
| View sensitive history | |||||||
| Manage attachments | |||||||
| Manage documentation | |||||||
| View entry logs | |||||||
| View entry history | |||||||
| Clear entry history | |||||||
| Export | |||||||
| View activity log | |||||||
| View deleted entry | |||||||
| Restore entries | |||||||
| Temporary access authorizer | |||||||
| Force checkin |
| Permission | Description |
|---|---|
| View vault | Allows users to see the vault. |
| View entries | Enables users to access and view entries within the vault. |
| Manage vault | Allows a user to configure and manage the settings of a vault, including modifying its structure, permissions, and access control. |
| Add entries | Allows users to create new entries in the vault. |
| Edit entries | Allows modification of existing entries. |
| Delete entries | Enables users to delete entries from the vault. |
| Connect (execute) | Authorizes users to launch connections. |
| View password | Allows users to see passwords stored within entries. |
| View sensitive | Grants access to view sensitive information in entries such as secure notes, credit card numbers, membership account number, etc. |
| View password history | Enables users to view the history of password changes for entries. |
| View sensitive history | Allows viewing the history of changes to sensitive information. |
| Manage attachments | Enables users to add, modify, or delete attachments linked to entries. |
| Manage documentation | Grants the ability to modify documentation associated with entries. |
| View entry logs | Allows users to access logs detailing actions performed on entries. |
| View entry history | Enables viewing the history of modifications made to entries. |
| Clear entry history | Allows users to clear the history of entries. |
| Export | Allows exporting of entries or vault data. |
| View activity log | Grants access to logs of user activities within the vault. |
| View deleted entry | Enables users to see entries that have been deleted. |
| Restore entries | Allows restoration of deleted entries. |
| Temporary access authorizer | Allows users to grant temporary access. |
| Force checkin | Allows users to force entries to be checked in. |
In Devolutions Hub, all sensitive information is hidden by default. Some can be viewed by anyone that has access to the entry by clicking on the eye icon, and others require View sensitive or View password permissions to be viewed. The value of a hidden custom field is also encrypted and protected with the View sensitive permission.
The View sensitive permission is granted to Reader, Operator, Contributor, and Manager roles, while the Contributor or Manager roles are required for the View password permission. Therefore, even if passwords are indeed sensitive information, you will not be able to view them with the View sensitive permission alone.
You can see the difference between the View sensitive permission and View password permission icons in the image below.
Give us Feedback