In mid-2020, New Relic released a newer user model, referred to as the New Relic One user model.
If you had a New Relic organization created before July 30 2020 and you haven't gone through a user migration process, your users are likely on our original user model. For more on this, see Pricing and user model changes.
This doc will explain the structure of the New Relic One user model, including:
For how to add and manage users in the UI, see User management.
The user type (basic user or full user) determines whether a user has access to our Full Stack Observability features. A user's type is something you set long-term based on that user's expected New Relic responsibilities.
Below are details on the two user types. Note that billing-related aspects only apply if you're on New Relic One pricing.
- Basic user. Details:
- These users are free and have access to a wide range of features, including running queries of data, making custom charts and dashboards, and setting up alerts. Unlike full users, they do not have access to our Full-Stack Observability features and some advanced Applied Intelligence features (for a comparison of abilities, see Capabilities).
- No matter what custom group a basic user is assigned to, they always have the capabilities of a basic user: no more and no less.
- Basic users will see prompts for upgrading to a full user when they attempt to access unavailable features. For details, see Upgrade.
- Full user. Details:
- Full users have access to our Full-Stack Observability features, which include curated UI experiences like APM, infrastructure monitoring, browser monitoring, mobile monitoring, synthetic monitors, access to New Relic One apps, and more. For details, see Capabilities.
- Standard edition includes one free full user and up to five total full users.
- A full user can downgrade to a basic user twice in a 12-month period.
Learn more about basic user versus full user differences:
A user group allows managing multiple users at the same time. Your New Relic users are assigned to a group and that group is granted access to specific roles and specific accounts.
Full users can be added to one of two default groups:
- User: This group allows a user to use and configure monitoring/analysis features but not perform account-related tasks like managing billing or users.
- Admin: This group has all standard roles.
Organizations with Pro and Enterprise edition can create custom groups, and control access to roles and accounts using access grants.
To change the group a user is in, use the User management UI.
Here's a table explaining how user type (basic vs full user), roles, and groups relate to each other:
Full users can be assigned to default groups (User and Admin) or custom groups.
Basic users, no matter what group they're assigned to, always have basic user abilities, no more and no less.
Here are the roles our default groups have:
Custom groups can have either our default standard roles, or custom roles.
A basic user's abilities aren't directly related to roles. A basic user can best be described as having the All product admin role but without access to most of our curated UI experiences (learn more about user type).
Roles are a set of capabilities. A capability is defined as the ability to do a specific New Relic task, like 'Delete alert conditions' (learn more about capabilities).
Our standard roles are default sets of capabilities that satisfy some commonly needed use cases.
Note that some of our standard roles have hidden capabilities that aren't available for selection when creating a custom role. The only standard roles that can be replicated with a custom role are Standard user and Read only; all others have special hidden abilities.
Our standard roles include:
All product admin
Provides admin-level access to the platform. This includes all New Relic capabilities with the exception of managing users (Authentication domain manager role) and managing account-structure settings (Organization manager role).
Provides access to use most of the platform, but lacks configuration and administration-level abilities (like account-level configuration or synthetic monitor secure credentials).
Provides ability to manage subscriptions and billing, and read-only access to the rest of the platform.
Provides the ability to manage organization settings, including organization structure, name, and preferences. Due to our recent switch to the New Relic One account/user model, this role currently has few abilities but more will be added over time.
For how to grant this role, see Add user management capability.
Organization read only
Provides the ability to view organization-level settings. For how to grant this role, see Add user management capability.
Authentication domain manager
Authentication domain read only
Provides read-only access to the New Relic platform (except for synthetic monitor secure credentials).
Manage v1 users
For New Relic organizations that existed before July 30 2020 and have users on our original user model, this role lets you manage those "v1" users.
A role, whether one of our standard roles or a custom one, is defined as a set of capabilities. In the Organization and access UI, when you choose a role or create a custom role, you can see the available capabilities.
Here's a view of the capabilities associated with the All product admin role. When creating a custom role, you can select a custom set of capabilities. Note that our list of capabilities changes over time: this screenshot was taken April 2021.
For how to set up roles with custom capabilities, see the user management tutorial.
To learn how to add users, assign them to groups, and create custom groups and roles, see Manage users.
If you'd like to understand how our user model changed in 2020 and what the impacts of that change were, see User model changes.
If you need more help, check out these support and learning resources:
- Browse the Explorers Hub to get help from the community and join in discussions.
- Find answers on our sites and learn how to use our support portal.
- Run New Relic Diagnostics, our troubleshooting tool for Linux, Windows, and macOS.
- Review New Relic's data security and licenses documentation.