• /
  • Log in

Users, roles, permissions (original user model)

Original user model

For users on our original user model, an introduction to how the user model works, including user roles and permissions, and how to add and manage users.

Requirements

This doc and the surrounding section of docs shows you how to manage users on our original account/user model. If you were a New Relic customer before July 30 2020 and haven't migrated your users to the new model, your users are on our original account/user model (and not the New Relic One model).

If you're an admin and want to see if you have users on the original model: If you can see users in the Users and roles UI, those users are on our original user model.

Updates about our new account/user model

In July of 2020, we released a new account/user model called the New Relic One user model, which offers many benefits in terms of how you manage your organization and users. At first this was only available to new sign-ups but over time we've been migrating more older customers to the new model. Some older customers are able to migrate their users on their own. We'll continue working on migrating users to the new model until the original model is fully deprecated.

One impact of the new user model is that it's possible now for users to have multiple logins associated with the same email. For example, a user with access to multiple organizations (like a contractor) may have their user record updated to the new user model in one organization, resulting in them having their original login method and records and a New Relic One user model record. This may result in the user being logged in to New Relic and not being able to find an account they're looking for. For more on that, see Factors affecting access.

Multiple accounts

If a user's email is associated with more than one login, they'll see a "multiple accounts found" note when logging in.

View and manage users in UI

If your New Relic account has users on our original user model, you can use the Users and roles UI. To access this: Click the account dropdown, click Account settings, and then click Users and roles.

Some features in the UI are visible only to account Owners and Admins.

Tip

You can also use the New Relic REST API to obtain a list of everyone and their roles in your New Relic account.

Here are some instructions and tips for adding and managing users via the UI:

User types: basic user and full user

Important

This section is for users on our original user model. If you're on our New Relic One user model, see our New Relic One user docs.

Starting March 2021, we ended the preview period for basic users on our original user model. The preview period gave these basic users the same permissions as full users. For more on this, see our Explorers Hub post on user type changes.

The user type (basic user or full user) determines what features a user has access to.

Below are details on the two user types. Note that billing-related aspects only apply if you're on New Relic One pricing. If you're on our original pricing plan, billing impacts do not apply.

  • Basic user. Details:
    • These users have access to basic features like setting up reporting of data, running queries of data, making custom charts and dashboards, and setting up alerts. They do not have access to Full-Stack Observability features (for more details on feature access, see Capabilities).
    • Depending on access request settings, basic users can either upgrade themselves to be full users or request upgrade access from admins.
    • No matter what custom group a basic user is assigned to, they always have the capabilities of a basic user: no more and no less.
  • Full user. Details:
    • Full users have access to our Full-Stack Observability features, which include our curated UI experiences like APM, infrastructure monitoring, browser monitoring, mobile monitoring, and synthetic monitors. For details on what's available, see Capabilities.
    • For organizations on New Relic One pricing: these users are billable. The Standard edition includes one free full user and up to five total.

If a user in your organization is set as a basic user in one account and a full user in another, the user has full user access for all accounts.

For how to edit a user's type, see Manage users.

Account roles

A New Relic account can have only one Owner. To share an account with other users in your organization, create Admins, Users, or Restricted Users.

Account role

Description

Owner

The person who initially creates the New Relic account and receives all billing queries. The Owner has complete access to all of the account information.

Admin

Can add, edit, and delete users, and can enable or set up features.

User

Can use (and optionally set up) New Relic features. In general, Admins take responsibility for setting up features, and Users and Restricted Users can use them.

Restricted User

One or more individuals who can view (but not set up or change) any New Relic features.

The Restricted User role is useful, for example, for demos. You can change your New Relic session settings so that Restricted User logins do not time out, and then set the user interface to Kiosk mode.

Add-on roles

With add-on roles, you can grant variable levels of access to all users in your account, across the entire platform of New Relic products. This allows you to tailor your account permissions levels to suit the needs of Users and Restricted Users within your account.

Giving a User or Restricted User add-on manager access to a product grants them the equivalent of Admin capabilities within the product. They will continue to have User or Restricted User capabilities for all other New Relic products. For example, you could make a software engineer in your company a User in most products, but assign Admin-level access to APM. For another example, you might assign the Nerdpack manager role to a user, and that gives them the ability to subscribe and unsubscribe New Relic One applications to an account.

There are two types of add-on roles:

  • Add-on Manager roles are available to grant permissions on a per-product basis. Giving a User or Restricted User managed add-on access to a product grants them the equivalent of Admin capabilities within the product.
  • Custom add-on roles can grant feature-specific permissions across different New Relic products. For example, a group of Users could have the ability to acknowledge incidents and close violations in New Relic Alerts, but not have the ability to modify your existing alert preferences.

Individuals on a parent account automatically have the same level of access for all the child accounts of the parent account.

Below are options for managing both managed add-on roles and custom add-on roles:

Account permissions

Here is a summary of basic user rights for your New Relic account. Individuals on a parent account automatically have the same level of access for all the child accounts of that parent account. However, they won't receive email notifications for alerts or weekly reports for child accounts unless they are explicitly granted permission on those accounts.

Function

Owner

Admin

User

Restricted

Maintain billing information.

Change the account Owner.

Add, update, and delete account Admins, Users, and Restricted Users.

When the account Owner and Admins add individuals to the account, New Relic automatically sends them an email message.

Update users' job titles and roles from Account settings in the New Relic UI.

Create, modify and delete child accounts from Account settings in the New Relic UI.

Update your own account information (name, password change or password reset request, default account, email preferences, etc.) from User preferences in the New Relic UI.

Change someone else's password.

You cannot reset passwords for anyone else on the account, even if you are an Owner or Admin. Instead, follow standard procedures to request a password reset from New Relic.

View the list of individuals on the account from (account dropdown) > Account settings > Account > Summary in the New Relic UI.

Manage flexible data retention.

Subscribe and unsubscribe applications to New Relic One

Add, update, and delete Proactive Detection configurations.

Alert permissions

Here is a summary of Admin and Add-on manager capabilities with New Relic Alerts. To allow a User or Restricted User to execute any of these functions in New Relic Alerts, assign an Alerts add-on manager role.

Admin and manager capabilities for Alerts include:

APM permissions

Here is a summary of Admin and Add-on manager capabilities with New Relic APM. To allow a User or Restricted User to execute any of these functions in New Relic APM, assign an APM add-on manager role.

Admin and manager capabilities for APM include:

Browser permissions

Here is a summary of Admin and Add-on manager capabilities with New Relic Browser. To allow a User or Restricted User to execute any of these functions in New Relic Browser, assign a Browser add-on manager role.

Admin and manager capabilities for Browser include:

Infrastructure permissions

Here is a summary of Admin and Add-on manager capabilities with New Relic Infrastructure. To allow a User or Restricted User to execute any of these functions in New Relic Infrastructure, assign an Infrastructure manager role.

Admin and manager capabilities for Infrastructure include:

Insights permissions

Here is a summary of Admin and Add-on manager capabilities with New Relic Insights.

To allow a User or Restricted User to execute any of these functions in New Relic Insights, assign an Insights manager role. These functions include:

Tip

New Relic Insights includes permission levels to share your Insights dashboards with others.

Mobile permissions

To give permission to delete a mobile app from New Relic, you can assign an Admin or Mobile manager role.

Synthetics permissions

Here's a summary of Admin and Add-on manager capabilities with New Relic Synthetics. To allow a User or Restricted User to execute any of these functions in New Relic Synthetics, assign a Synthetics add-on manager role.

Admin and manager capabilities for Synthetics include:

For more information, see User roles in Synthetics.

Workloads permissions

Here's a summary of Admin and Add-on manager capabilities with New Relic One workloads:

To allow a User or Restricted User to execute these functions, assign the workloads manager add-on role.

For more help

If you need more help, check out these support and learning resources:

Create issueEdit page
Copyright © 2021 New Relic Inc.