We’re thrilled to announce that you can now assign roles to contributors for all EAP apps!
Note, contributors who’ve earlier been added to your apps will have the admin role. As app admin, you can edit their roles as needed via the Contributors page in the developer console.
For more information on the new roles and permissions, please visit the Contributors documentation.
If you have any feedback you would like to share with us, please use the “Give feedback” button at the top right-hand side of the developer console.
This is great news, thank you for the constructive discussion and outcome of RFC-17: Multi-User App Ownership - Roles and Permissions.
I strongly suggest you change the default to ‘Viewer’ though - this is a security feature after all, so it’s important to start from least privilege to avoid the unlikely edge cases that are guaranteed to happen at scale, e.g.:
- I add a contributor and my internet breaks down before I can remove the admin privileges
- I add a contributor and a CDAC notification distracts me from the pending role adjustment
This is also how other mature platforms handle role/permission management, i.e. you always need to opt into additional permissions.
Hey hi @sopel ! Thanks a lot for the feedback as always
Couple of points to mention from our end :
- For EAP apps earlier there were no roles, we have defaulted already added contributors of EAP apps to admin role as it is the closest in terms of functionality. We request to please edit the roles to what is best for already added contributors in the past.
- We will be removing CLI support to add contributors from 25th September. We suggest not to use CLI to add contributors till then as it will default to admin and instead recommend Developer Console for adding contributors
- While adding contributors from Developer Console, we are providing a drop down option to select the role and confirm. No default role is provided here.
Please let me know if there are any further concerns.