---
title: "Organization Roles Knowledge Base Article | ThreatConnect"
slug: "organization-roles"
description: "This article defines all Organization roles in ThreatConnect and lists all permissions for each Organization role with respect to Organization administration, threat intelligence, Workflow, and Playbooks."
updated: 2024-04-19T18:56:32Z
published: 2024-04-19T18:56:32Z
canonical: "knowledge.threatconnect.com/organization-roles"
---

> ## Documentation Index
> Fetch the complete documentation index at: https://knowledge.threatconnect.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Organization Roles

Table 1 defines each owner role for an Organization.

| Owner Role | Definition |
| --- | --- |
| **Read Only User** | User accounts that can only view existing data in an Organization. Customers may create an unlimited number of Read Only User accounts in an Organization for free. Important Read Only User accounts that do not count against an Organization’s user license limit must have a System role of Read Only User. Creating Read Only Users requires a license that allows Read Only Users. |
| **Standard User** | Licensed user accounts that can view, create, and delete data in an Organization. |
| **Sharing User** | Licensed user accounts that can view, create, delete, and share data in an Organization. |
| **Organization Administrator** | Licensed user accounts that can administer and configure all Organization data and members. |
| **App Developer** | Licensed user accounts that can [build apps](/v1/docs/app-builder) in an Organization. |
| **Read Only Commenter** | User accounts that can view and comment on existing data in an Organization, as well as create [Posts](/v1/docs/posts) and add [Notes](/v1/docs/case-notes)to Workflow Cases. Customers may create an unlimited number of Read Only Commenter accounts in an Organization for free. Important Read Only Commenter accounts that do not count against an Organization’s user license limit must have a System role of Read Only User. Creating Read Only Commenters requires a license that allows Read Only Commenters. |

## Organization Administration

Table 2 provides the specific permissions for each Organization owner role with respect to Organization administration. System Administrators can view these settings under the **Access Control**tab of the **Edit Owner Role**window for the owner role. The permissions are defined in the [“Organization” subsection of the “Intel Access Permissions” section of *Permission Definitions*](https://knowledge.threatconnect.com/v1/docs/permission-definitions#organization). Depending on the size of the device you are viewing this article on, you may need to scroll horizontally to view all table columns.

| Owner Role | Invite | Membership | Settings | Users | Apps | Attribute Type | Security Label |
| --- | --- | --- | --- | --- | --- | --- | --- |
| **Read Only User** | None | Read | Read | None | None | Read | Read |
| **Standard User** | None | Read | Read | None | None | Read | Create |
| **Sharing User** | None | Read | Read | None | None | Read | Create |
| **Organization Administrator** | Allowed | Read | Full | Full | App Builder release allowed | Full | Full |
| **App Developer** | None | Read | Read | None | App Builder build allowed | Read | Create |
| **Read Only Commenter** | None | Read | Read | None | None | Read | Read |

## Threat Intelligence

Table 3 provides the specific permissions for each Organization owner role with respect to threat intelligence. System Administrators can view these settings under the **Intel**tab of the **Edit Owner Role**window for the owner role. The permissions are defined in the [“Organization” subsection of the “Threat Intelligence Permissions” section of *Permission Definitions*](https://knowledge.threatconnect.com/v1/docs/permission-definitions#organization1). Depending on the size of the device you are viewing this article on, you may need to scroll horizontally to view all table columns.

| Owner Role | Attribute | Indicator, Group, Track, Victim | Tag | Copy Data | Post |
| --- | --- | --- | --- | --- | --- |
| **Read Only User** | Read | Read | Read | None | Read |
| **Standard User** | Full | Full | Full | None | Create |
| **Sharing User** | Full | Full | Full | Allowed | Create |
| **Organization Administrator** | Full | Full | Full | Allowed | Full |
| **App Developer** | Full | Full | Full | None | Create |
| **Read Only Commenter** | Read | Read | Read | None | Create |

## Workflow

Table 4 provides the specific permissions for each Organization owner role with respect to [Workflow](https://training.threatconnect.com/learn/article/workflow-overview-kb-article). System Administrators can view these settings under the **Case Management**tab of the **Edit Owner Role**window for the owner role. The permissions are defined in the [“Workflow Permissions” section of *Permission Definitions*](https://knowledge.threatconnect.com/v1/docs/permission-definitions#workflow-permissions). Depending on the size of the device you are viewing this article on, you may need to scroll horizontally to view all table columns.

| Owner Role | Case | Case Tag | Open Case | Note | Timeline | Template | Task | Artifact | Case Attribute |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| **Read Only User** | Read | Read | None | Read | Read | Read | Read | Read | Read |
| **Standard User** | Edit | Edit All | Create All | Create | Create | Edit | Edit All | Edit All | Full |
| **Sharing User** | Edit | Edit All | Create All | Create | Create | Edit | Edit All | Edit All | Full |
| **Organization Administrator** | Full | Edit All | Create All | Full | Full | Full | Full | Delete All | Full |
| **App Developer** | None | None | None | None | None | None | None | None | None |
| **Read Only Commenter** | Read | Read | None | Create | Read | Read | Read | Read | Read |

## Playbooks

Table 5 provides the specific permissions for each Organization owner role with respect to [Playbooks](/v1/docs/playbooks). System Administrators can view these settings under the **Playbooks**tab of the **Edit Owner Role**window for the owner role. The permissions are defined in the [“Playbooks Permissions” section of *Permission Definitions*](https://knowledge.threatconnect.com/v1/docs/permission-definitions#playbooks-permissions).

| Owner Role | Playbook User Actions | Playbook |
| --- | --- | --- |
| **Read Only User** | None | Read |
| **Standard User** | Execute | Full |
| **Sharing User** | Execute | Full |
| **Organization Administrator** | Execute | Full |
| **App Developer** | Execute | Full |
| **Read Only Commenter** | None | Read |

---

*ThreatConnect® is a registered trademark of ThreatConnect, Inc.*

20095-03 v.04.E