Integrations Permissions

Controls access to the Integration Permissions page, a command-level access control layer that determines which roles are allowed to execute specific integration commands. This is distinct from the Integrations permission, which controls access to integration instances and their configuration.

Integrations Permissions provides fine-grained, per-command role restrictions on top of the broader integration access model. Access the Integration Permissions page by going to SettingsConfigurationsData CollectionIntegration Permissions.

Permission

Description

Role Example

None

Users cannot access the Integration Permissions page and have no visibility into command-level role restrictions.

View

The user can view the hierarchical table of integrations, instances, and commands along with their assigned role restrictions on the Integration Permissions page, but cannot edit, modify, or use batch edit.

SOC 1, 2, and 3 Analysts, and Threat Hunters: Modifying command permissions is an administrative function.

View/Edit

Read and Write permission on the Integration Permissions page, including edit, assign, or remove roles from commands, use batch edit, and save changes.

Security Engineer: Responsible for configuring and maintaining integration command permissions. Needs to assign roles to commands, use batch edit for bulk changes, and manage the command-level access control model.

Required and recommended permissions

To access the Integration Permissions page, the following permissions are required/recommended:

Permission

Permission Level

Reason

Integrations

View

  • View: Having the Integrations View ensures the parent navigation section is accessible and provides context for the integration instances whose commands are being restricted. Strongly recommended.

  • View/Edit: Users who manage command-level permissions typically also need to configure integration instances. Recommended.

Credentials

View

Provides context about credential sets used by the integrations whose commands are being managed. No direct dependency, but useful for holistic integration management.