Loome Docs > Loome Assist > Application Roles

Application Roles

In Loome Assist, there are application roles with different levels of user access overall, as well as individual project roles specific to each project. These roles can be assigned and managed by an Administrator.

Find the following sections below:

Application Roles in Loome Assist:

Administrator: Users with the Administrator role have full control of Loome Assist. They are able to manage Agents, Connections, Projects, Rules and Users.
Project Creator: Users with the Project Creator role can manage all projects in this Loome Assist tenant.
Consumer: Users with the Consumer role can view projects in Loome Assist. This role has read-only privileges, so users will not be able to modify projects. If an email notification was sent to an email address that does not have a role in Loome Assist, then that user will be assigned to the Consumer role. This user can then sign in and view the project they were assigned to as a Consumer.

Permission	Administrator	Project Creator	Consumer
Configure remote API access**	✔	✖	✖
Access Loome Assist remotely via API**	✔	✖	✖
Invite new users and manage user application roles	✔	✖	✖
Add and edit a connection	✔	✖	✖
Add and manage agents	✔	✖	✖
Add and manage accounts	✔	✖	✖
Add and manage cost centers	✔	✖	✖
Add and manage affiliations	✔	✖	✖
Manage workstation templates	✔	✖	✖
Manage and create projects	✔	✔	✖
Add and manage workstations	✔	✔	✖
Add and manage data repositories	✔	✔	✖
Deploy a workstation	✔	✔	✖
View projects	✔	✔	✔*

*Consumers can only view projects that they have been assigned to.

**Currently, API Keys created in Loome Assist will have the same permissions as an administrator**.

Project Specific Roles:

Project Owners: A project owner can deploy and use resources, and manages their specific project.
Project Contributors: This user can deploy and use resources, but cannot add other users to a project.
Project Readers: Users with this role can use resources, but cannot deploy them or make changes to a project.

Permission	Project Owner	Project Contributor	Project Reader
Create projects	✔	✖	✖
Manage assigned projects	✔	✖	✖
Add users to a project	✔	✖	✖
Deploy and use resources	✔	✔	✖
View projects	✔	✔	✔*

*Consumers can only view projects that they have been assigned to.

If you add an email address to a project that has not been added to your Loome Assist tenant before, this user will be added to the 'Consumer' role in your Loome Assist tenant as well as the project level role you have selected here. This user will receive an email invitation that includes a link to Loome Assist.

How to Add Users to an Application Role

Find the application role page from the top right settings menu, as shown in the image below.

Application roles in the menu

Beside the role that you would like to add a user to, click on Add in the top right corner of that role and a slide-out will be expanded.

Add a user

Choose the type of member that you want to add. This can be a user, a group or an API Key.

[The following steps vary depending on whether your organization has enabled user or group lookup.](docs.loomesoftware.com/knowledge-base/enable-lookup/) Please contact your administrator if you would like to enable this.

Users that are guests to an organization can only add users manually.

Manually Add Users

In this slide-out, type in the email address of the user and then click Add.

Type in email address

Click on Invite and this user will receive an email invitation. This email will contain a link to Loome Assist. This user can then log in, and can access Loome Assist with the permissions of the role you have selected.

Invite a user

Search for Users and Groups

Choose whether you want to add a User or Group. If your organization has enabled lookup, you can search for a user or group in your organization.

Choose a user type

Users

To add a user, you can search for a user by name in the ‘Add User’ field.

Provide a user name

Click on your chosen users. They will be displayed beneath the dropdown.

Choose a user

You can also manually add an email address and select the first option from the dropdown.

Choose a user from the dropdown

Click on Submit to save the chosen user(s).

Submit users

Groups

To add a group, you can search for the group by name. You can then choose the group from the dropdown.

Choose a group

You can view the members of a group by selecting the group and clicking on the group icon beside it.

Loome will also display the email address, if available, for the group beside it.

View group members

Click on Submit to save the chosen group(s).

Submit users

Application Role Status

If a user has only been sent an invitation, their status will remain as ‘User Invitation’ until they log in, in which their status will change to ‘User’.

Invited user

Delete a User from a Role

Find the user on the application roles page.

Click on the Delete button at the end of a row beside the user’s name.

This will delete the user from this tenant and any project roles.

You cannot delete your own user account from a role. If you require your own account to be deleted from a role, a different administrator will need to delete the user account.

Delete a user

Deleting a Group

Click on Delete at the end of a row beside the group.

Please note that deleting a group from an application role will not also delete all users from projects that any users of this group may have been added to.

Deleting an API Key

Click on Delete at the end of a row beside the API Key.

Please note that **deleting an API Key from all application roles will delete the API Key from the tenant**, including the [Remote Access](/assist/how-to-manage-remote-api-access/) page and from any project roles. If the API Key has multiple application roles, you will need to delete it from all application roles to also delete it from project roles and the Remote Access page.

How to Add a User to a Project Level Role?

You can apply project level roles to users when creating a project. These roles will apply to a specific project, and will need to be applied to each project individually.

Follow this link to learn how to add users to a project here.