Users and roles (original user model)

Original
user
model

For users on our original user model, an introduction to how the user model works, including user roles and permissions.

Who are these docs for?

This doc and the surrounding section of docs shows you how to manage users who are on our original user model. If you were a New Relic customer before July 30 2020, you very likely have users on our original user model (and not the New Relic One user model). One way to quickly check the user model: if you can see users in the Users and roles UI, these users are on our original user model.

Want to learn more about user model changes? See Overview of pricing plan and user models.

View and manage users

To see the users on your New Relic account and their current roles: select the account dropdown, select Account settings, and select Users and roles.

Some features in the UI are visible only to account Owners and Admins.

User types: basic user and full user

On the Users and roles UI page, users are categorized as either full users or basic users. This only affects your account once you've switched to the New Relic One pricing plan, released July 2020. Once you've changed your pricing plan, the number of full users is a factor in your billing. Your users on our original user model remain on that user model (and use these original user docs) and additionally have the new full/basic categorization. To learn more, see Transition to new pricing.

You can also bulk update changes to user type.

Account roles

A New Relic account can have only one Owner. To share an account with other users in your organization, create Admins, Users, or Restricted Users.

Account role Description
Owner The person who initially creates the New Relic account and receives all billing queries. The Owner has complete access to all of the account information.
Admin

Can add, edit, and delete users, and can enable or set up features.

User Can use (and optionally set up) New Relic features. In general, Admins take responsibility for setting up features, and Users and Restricted Users can use them.
Restricted User

One or more individuals who can view (but not set up or change) any New Relic features.

The Restricted User role is useful, for example, for demos. You can change your New Relic session settings so that Restricted User logins do not time out, and then set the user interface to Kiosk mode.

Add-on roles

With add-on roles, you can grant variable levels of access to all users in your account, across the entire platform of New Relic products. This allows you to tailor your account permissions levels to suit the needs of Users and Restricted Users within your account.

Giving a User or Restricted User add-on manager access to a product grants them the equivalent of Admin capabilities within the product. They will continue to have User or Restricted User capabilities for all other New Relic products. For example, you could make a software engineer in your company a User in most products, but assign Admin-level access to APM. For another example, you might assign the Nerdpack manager role to a user, and that gives them the ability to subscribe and unsubscribe New Relic One applications to an account.

There are two types of add-on roles:

  • Add-on Manager roles are available to grant permissions on a per-product basis. Giving a User or Restricted User managed add-on access to a product grants them the equivalent of Admin capabilities within the product.
  • Custom add-on roles can grant feature-specific permissions across different New Relic products. For example, a group of Users could have the ability to acknowledge incidents and close violations in New Relic Alerts, but not have the ability to modify your existing alert preferences.

Individuals on a master account that has sub-accounts automatically have the same level of access for all sub-accounts.

Below are options for managing both managed add-on roles and custom add-on roles:

View roles

To view the list of individuals assigned to your account and their current roles: Go to account dropdown > Account settings > Users and roles.

Assign a managed role

Owner and Admins

Managed add-on roles are available by default for each New Relic product. Adding a managed role for a user grants them Admin-level permissions for the assigned product. They cannot be edited or deleted. To assign a managed add-on role for a User or Restricted User in your account:

  1. Go to account dropdown > Account settings > Users and roles.
  2. From the list of users associated with your account, select their name.
  3. Under Add-on roles, select the type of manager role for the user.
  4. To understand which capabilities may be added, use the Capabilities preview chart.

Features in the Capabilities preview chart may not exactly match what features are available for your subscription level.

You can also add, update, or delete users in bulk by using a CSV file.

Create a custom role

To create a custom add-on role for your account:

  1. Go to account dropdown > Account settings > Users and roles > Roles.
  2. Select plus-circle New custom add-on role.
  3. Select the capabilities necessary for the new custom role, then Create role.
Assign a custom role

Owners and Admins

You must create a custom role before assigning it to a user. To assign a custom add-on role for a User or Restricted User in your account:

  1. Go to account dropdown > Account settings > Users and roles > Users.
  2. From the list of users associated with your account, select their name ].
  3. Under Add-on roles, select a custom role for the user.
  4. Click Update user.
Edit or delete a custom role

Owners and Admins

You cannot edit or delete New Relic's default roles. However, you can edit or delete custom add-on roles for your account:

  1. Go to account dropdown > Account settings > Users and roles > Roles.
  2. From the Add-on roles list, select the custom add-on role, then select pencil Edit role or trash-o Delete role as appropriate.

Account permissions

Here is a summary of basic user rights for your New Relic account. Individuals on a master account with sub-accounts automatically have the same level of access for all sub-accounts. However, they will not receive email notifications for alerts or weekly reports for sub-accounts unless they are explicitly granted permission on these sub-accounts.

Function Owner Admin User Restricted
Maintain billing information. fa-check
Change the account Owner. fa-check

Add, update, and delete account Admins, Users, and Restricted Users.

When the account Owner and Admins add individuals to the account, New Relic automatically sends them an email message.

fa-check fa-check

Update users' job titles and roles from Account settings in the New Relic UI.

fa-check fa-check
Create, modify and delete sub-accounts from Account settings in the New Relic UI. fa-check fa-check

Update your own account information (name, password change or password reset request, default account, email preferences, etc.) from User preferences in the New Relic UI.

fa-check fa-check fa-check fa-check

Change someone else's password.

You cannot reset passwords for anyone else on the account, even if you are an Owner or Admin. Instead, follow standard procedures to request a password reset from New Relic.

View the list of individuals on the account from (account dropdown) > Account settings > Account > Summary in the New Relic UI. fa-check fa-check fa-check fa-check
Manage flexible data retention. fa-check
Subscribe and unsubscribe applications to New Relic One fa-check fa-check

Alert permissions

Here is a summary of Admin and Add-on manager capabilities with New Relic Alerts. To allow a User or Restricted User to execute any of these functions in New Relic Alerts, assign an Alerts add-on manager role.

Admin and manager capabilities for Alerts include:

APM permissions

Here is a summary of Admin and Add-on manager capabilities with New Relic APM. To allow a User or Restricted User to execute any of these functions in New Relic APM, assign an APM add-on manager role.

Admin and manager capabilities for APM include:

Browser permissions

Here is a summary of Admin and Add-on manager capabilities with New Relic Browser. To allow a User or Restricted User to execute any of these functions in New Relic Browser, assign a Browser add-on manager role.

Admin and manager capabilities for Browser include:

Infrastructure permissions

Here is a summary of Admin and Add-on manager capabilities with New Relic Infrastructure. To allow a User or Restricted User to execute any of these functions in New Relic Infrastructure, assign an Infrastructure manager role.

Admin and manager capabilities for Infrastructure include:

Insights permissions

Here is a summary of Admin and Add-on manager capabilities with New Relic Insights.

To allow a User or Restricted User to execute any of these functions in New Relic Insights, assign an Insights manager role. These functions include:

New Relic Insights includes permission levels to share your Insights dashboards with others.

Mobile permissions

To give permission to delete a mobile app from New Relic, you can assign an Admin or Mobile manager role. ​​​

Synthetics permissions

Here's a summary of Admin and Add-on manager capabilities with New Relic Synthetics. To allow a User or Restricted User to execute any of these functions in New Relic Synthetics, assign a Synthetics add-on manager role.

Admin and manager capabilities for Synthetics include:

For more information, see User roles in Synthetics.

Workloads

Here's a summary of Admin and Add-on manager capabilities with New Relic One workloads:

  • Create, duplicate, modify, or delete workloads.
  • Link dashboards to workloads and save filters.

To allow a User or Restricted User to execute these functions, assign the workloads manager add-on role.

For more help

If you need more help, check out these support and learning resources: