New Relic One user model

New Relic One
user model

In mid-2020, New Relic released a newer user model, referred to as the New Relic One user model. Here are the users on this user model:

If you were a New Relic customer before July 30 2020, your users are likely on our original user model. For more on this, see Pricing and user model changes.

This doc will explain the structure of the New Relic One user model, including:

For how to add and manage users, see User management.

User type: basic and full

The user type determines the monitoring and analysis features a user has access to, and is a key factor in billing. (Note that user type does not control account admin-related permissions; that's determined by the user group.)

There are two user types:

  • Basic user:
    • These users are free and have access to basic features like setting up reporting of data, running queries of data, making custom charts and dashboards, and setting up alerts. They do not have access to Full-Stack Observability features. For details, see Capabilities.
    • No matter what group a basic user is assigned to, they always have the capabilities of a basic user: no more and no less.
    • Basic users can upgrade on their own to become full users (with exception of users on original user model). Basic users are prompted to upgrade themselves when they attempt to access a feature available only to full users.
  • Full user:
    • These users are billable and have access to our Full-Stack Observability features, which includes our curated UI experiences, like APM, infrastructure monitoring, browser monitoring, mobile monitoring, and synthetic monitors. For details, see Capabilities.
    • The Standard pricing tier includes one free full user and up to five total.

Are you switching from original pricing to New Relic One pricing? Learn about updating your users. Or learn more about user-related billing calculation.

To understand more about basic users and full users:

Compare full vs basic capabilities

Below is a detailed table showing differences between basic user and full user capabilities. In short, basic users have access to our Telemetry Data Platform and Applied Intelligence (read-only) features, while full users have access to that plus Full-Stack Observability features.

Features Full user Basic user
Full-Stack Observability
(New Relic-built UI experiences)
Application performance monitoring (APM) UI fa-check
Infrastructure monitoring UI fa-check
Digital Experience Monitoring (Browser, Mobile, Synthetics) UI fa-check
Serverless monitoring UI fa-check
Logs in context with other UI experiences fa-check
Synthetics checks fa-check
New Relic Edge with Infinite Tracing (tail-based sampling) fa-check
(Pro and Enterprise)
Subscribe to New Relic One catalog apps fa-check
Assorted curated UI experiences (distributed tracing, Kubernetes cluster explorer, workloads, etc.) fa-check
Applied Intelligence (AI)
Proactive Detection fa-check fa-check
(read-only)
Incident Intelligence fa-check fa-check
(read-only)
Telemetry Data Platform
Data ingest from any source (Metrics, Events, Logs, Traces) fa-check fa-check
Alerts and notifications fa-check fa-check
Interactive query interface fa-check fa-check
Custom charts and dashboards (not New Relic-built) fa-check fa-check
Encryption at rest fa-check fa-check
Standard data retention fa-check fa-check
NerdGraph (GraphQL) API fa-check fa-check
Security and compliance fa-check fa-check
Integrations fa-check fa-check
Data management fa-check fa-check
Logs UI fa-check fa-check
Build custom New Relic One apps fa-check fa-check

Learn more about how user type (basic vs full) relates to roles and capabilities.

Learn more about user-related billing calculations.

Tips on choosing user type

Reasons to make someone a full user:

  • They play a key role in the development, testing, deployment, and maintenance phases of the application development lifecycle.
  • They break/fix code regularly; they are responsible for triaging workflows, troubleshooting, or managing users and roles for their team.
  • They have DevOps practices (i.e. version control systems and implement CI/CD).
  • They need to use New Relic's curated dashboards and experiences (not just the ability to create their own custom queries and charts); in other words, they need full access to our platform.
  • They need to be able to manage users.

Reasons to make someone a basic user:

  • They play a key role in the planning phase of the application development lifecycle.
  • They use and configure New Relic agents, APIs, and integrations to send us data, and access, configure, and use alerts on such data (not necessarily responsible for triaging workflows, troubleshooting, or managing users and roles for their team).
  • They want to see high-level analytics and business metrics for future planning (such as C-Suite executives).
  • They do not need to use our curated experiences and dashboards, but would benefit from the ability to create their own custom queries and charts of data; in other words, they don't need full access to the platform.
  • They don't manage users.

Are you switching from our original pricing plan to New Relic One pricing? Learn about how to convert your users.

Learn more about user-related billing calculations.

Understand user-related billing

For user-related billing calculation details, see Calculations.

For how to query and alert on usage data, see Query usage data.

User groups

This applies to users on our New Relic One user model. For users on our original user model, see Original user docs.

A user group allows managing multiple users at the same time. Your New Relic users are assigned to a group and that group is granted access to specific roles and specific accounts.

We have two default user groups you can add users to:

  • User: Adding someone to this group allows them to use and configure monitoring/analysis features but not perform account-related tasks like managing billing or users.
  • Admin: Adding someone to this group gives them the abilities of the User group and also gives them access to account/organization-related abilities like managing billing-related settings and managing users.

See the roles and capabilities these default groups have.

Pro and Enterprise tier accounts can create their own custom roles and custom groups.

Roles and capabilities

This applies to users on our New Relic One user model. For users on our original user model, see Original user docs.

Roles are a set of capabilities. A capability is defined as the ability to do a specific New Relic task, like 'Delete alert conditions' (see more examples).

We provide some default standard roles (below). Pro and Enterprise tier accounts can also create custom roles.

Standard roles

Our standard roles are default sets of capabilities that satisfy some commonly needed use cases. These standard roles are assigned to our default Admin and User groups, but you can also assign these roles to a custom group.

Most standard roles have capabilities that are unique and that can't be replicated with a custom role. For example, to assign billing management capabilities to a user, you'd need to assign them the Billing user role; you wouldn't be able to assign billing management capability with a custom role. The only standard roles that can be replicated with custom roles are Read only, Standard user, and All product admin (this role is the equivalent of choosing all available capabilities).

Standard roles include:

Standard roles Description
Read only Provides read-only access to the New Relic platform (except for synthetic monitor secure credentials).
Standard user Provides standard access to the platform, including the ability to configure most monitoring tools, but does not include the ability to configure more sensitive settings, including account-level configuration and synthetic monitor secure credentials.
All product admin

Provides admin-level access to the platform. This includes all New Relic capabilities with the exception of managing users (Organization manager and Authentication domain manager) and managing billing-related settings (Billing user).

A basic user is defined as having the All product admin role but without access to Full-Stack Observability features.

Billing user

Provides ability to manage subscriptions and billing, and read-only access to the rest of the platform.

Organization manager

Provides the ability to manage users on the New Relic One user model. This includes abilities to manage user groups, roles, and access grants. For how to grant this role, see Add user management capability.

Authentication domain manager

Provides the ability to manage authentication domains for users on the New Relic One user model. Authentication domains control how users are authenticated, whether via manual username/password or using SAML SSO, and SCIM provisioning (also called automated user management). For how to grant this role, see Add user management capability.

Manage v1 users

For New Relic organizations that existed before July 30 2020 and have users on our original user model, this role lets you manage those "v1" users.

Roles and user groups

There are two default user groups available: User and Admin. These groups have our standard roles applied in these ways:

  • User: this group has only the All product admin standard role, which grants general platform access and some basic admin capabilities.
  • Admin: this group has all the standard roles, giving it complete admin capabilities.

Custom groups can be assigned standard roles or custom roles.

Roles and user type

User type refers to whether a user is a basic user or a full user.

A basic user can be defined as having the All product admin standard role but without access to Full-Stack Observability features (learn more). A basic user always has basic user capabilities, no more and no less, regardless of what group they're assigned to. One nonintuitive impact of this is that a group's basic users could have more capabilities than its full users have. For example, if you created a custom group with very minimal capabilities, the full users in that group would have those minimal capabilities, but any basic users in that group would have more capabilities than the full users because the capabilities of a basic user trump group capabilities.

A full user's capabilities will depend on its assigned group; it has theoretical access to all roles and capabilities.

For more on this, see User type.

Custom roles and capabilities

For tips on setting up custom roles and capabilities, see Add custom role.

Manage users

To learn how to add users, and create custom groups and roles, see Manage users.

2020 user model changes

If you'd like to understand how our user model changed in 2020 and how this affects some functionality, see Impacts of user model changes.

For more help

If you need more help, check out these support and learning resources: