For users on our original user model, an introduction to how the user model works, including user roles and permissions, and how to add and manage users.
This doc and the surrounding section of docs shows you how to manage users who are on our original user model. If you were a New Relic customer before July 30 2020, you likely have users on our original user model (and not the New Relic One user model).
One way to quickly check your users' user model: if you can see users in the Users and roles UI, those users are on our original user model.
Want to learn more about user model changes? See Overview of user models.
In April of 2021, we began allowing some New Relic organizations to migrate their original user model users to the newer New Relic One user model. This new user model offers many benefits in simplifying and improving how you manage your users' roles and access to accounts.
To learn how to find out if you qualify for this and how to start, see Migrate users.
If your New Relic account has users on our original user model, you can use the Users and roles UI. To access this UI: select the account dropdown, select Account settings, and select Users and roles.
Some features in the UI are visible only to account Owners and Admins.
You can also use the New Relic REST API to obtain a list of everyone and their roles in your New Relic account.
Here are some instructions and tips for adding and managing users via the UI:
Starting March 2021, we ended the preview period for these basic users. The preview period gave basic users the same permissions as full users. For more on this, see our Explorer's Hub post on user type changes.
The user type (basic user or full user) determines what features a user has access to.
- Basic user. Details:
- These users have access to basic features like setting up reporting of data, running queries of data, making custom charts and dashboards, and setting up alerts. They do not have access to Full-Stack Observability features (for more details on feature access, see Capabilities).
- Basic users can upgrade to become full users in the UI. They will see prompts when attempting to access unavailable features. They cannot self-upgrade; they must request an upgrade.
- No matter what custom group a basic user is assigned to, they always have the capabilities of a basic user: no more and no less.
- Full user. Details:
- Full users have access to our Full-Stack Observability features, which include our curated UI experiences like APM, infrastructure monitoring, browser monitoring, mobile monitoring, and synthetic monitors. For details on what's available, see Capabilities.
- For organizations on New Relic One pricing: these users are billable. The Standard edition includes one free full user and up to five total.
If a user in your organization is set as a basic user in one account and a full user in another, the user has full user access for all accounts.
For how to edit user type, see Manage users.
A New Relic account can have only one Owner. To share an account with other users in your organization, create Admins, Users, or Restricted Users.
Can add, edit, and delete users, and can enable or set up features.
Can use (and optionally set up) New Relic features. In general, Admins take responsibility for setting up features, and Users and Restricted Users can use them.
One or more individuals who can view (but not set up or change) any New Relic features.
The Restricted User role is useful, for example, for demos. You can change your New Relic session settings so that Restricted User logins do not time out, and then set the user interface to Kiosk mode.
With add-on roles, you can grant variable levels of access to all users in your account, across the entire platform of New Relic products. This allows you to tailor your account permissions levels to suit the needs of Users and Restricted Users within your account.
Giving a User or Restricted User add-on manager access to a product grants them the equivalent of Admin capabilities within the product. They will continue to have User or Restricted User capabilities for all other New Relic products. For example, you could make a software engineer in your company a User in most products, but assign Admin-level access to APM. For another example, you might assign the Nerdpack manager role to a user, and that gives them the ability to subscribe and unsubscribe New Relic One applications to an account.
There are two types of add-on roles:
- Add-on Manager roles are available to grant permissions on a per-product basis. Giving a User or Restricted User managed add-on access to a product grants them the equivalent of Admin capabilities within the product.
- Custom add-on roles can grant feature-specific permissions across different New Relic products. For example, a group of Users could have the ability to acknowledge incidents and close violations in New Relic Alerts, but not have the ability to modify your existing alert preferences.
Individuals on a master account that has sub-accounts automatically have the same level of access for all sub-accounts.
Below are options for managing both managed add-on roles and custom add-on roles:
Here is a summary of basic user rights for your New Relic account. Individuals on a master account with sub-accounts automatically have the same level of access for all sub-accounts. However, they will not receive email notifications for alerts or weekly reports for sub-accounts unless they are explicitly granted permission on these sub-accounts.
Change the account Owner.
When the account Owner and Admins add individuals to the account, New Relic automatically sends them an email message.
Update users' job titles and roles from Account settings in the New Relic UI.
Create, modify and delete sub-accounts from Account settings in the New Relic UI.
Change someone else's password.
You cannot reset passwords for anyone else on the account, even if you are an Owner or Admin. Instead, follow standard procedures to request a password reset from New Relic.
Manage flexible data retention.
Subscribe and unsubscribe applications to New Relic One
Here is a summary of Admin and Add-on manager capabilities with New Relic Alerts. To allow a User or Restricted User to execute any of these functions in New Relic Alerts, assign an Alerts add-on manager role.
Admin and manager capabilities for Alerts include:
- Create or name alert policies.
- Specify incident preferences.
- Disable or define alert conditions.
- Provide runbook instructions.
- Select product targets.
- Alter alert condition thresholds.
- Create, modify, or delete notification channels.
Here is a summary of Admin and Add-on manager capabilities with New Relic APM. To allow a User or Restricted User to execute any of these functions in New Relic APM, assign an APM add-on manager role.
Admin and manager capabilities for APM include:
Here is a summary of Admin and Add-on manager capabilities with New Relic Browser. To allow a User or Restricted User to execute any of these functions in New Relic Browser, assign a Browser add-on manager role.
Admin and manager capabilities for Browser include:
Here is a summary of Admin and Add-on manager capabilities with New Relic Infrastructure. To allow a User or Restricted User to execute any of these functions in New Relic Infrastructure, assign an Infrastructure manager role.
Admin and manager capabilities for Infrastructure include:
- Create alert conditions in New Relic Infrastructure, including conditions for host not reporting.
- Add or modify integrations.
Here is a summary of Admin and Add-on manager capabilities with New Relic Insights.
To allow a User or Restricted User to execute any of these functions in New Relic Insights, assign an Insights manager role. These functions include:
New Relic Insights includes permission levels to share your Insights dashboards with others.
To give permission to delete a mobile app from New Relic, you can assign an Admin or Mobile manager role.
Here's a summary of Admin and Add-on manager capabilities with New Relic Synthetics. To allow a User or Restricted User to execute any of these functions in New Relic Synthetics, assign a Synthetics add-on manager role.
Admin and manager capabilities for Synthetics include:
- Create, edit, or delete monitors.
- Edit monitor scripts.
- Create, edit, or delete private locations.
- Create, edit, or delete monitor downtimes.
- Create, view, edit, or delete secure credentials.
For more information, see User roles in Synthetics.
Here's a summary of Admin and Add-on manager capabilities with New Relic One workloads:
To allow a User or Restricted User to execute these functions, assign the workloads manager add-on role.
If you need more help, check out these support and learning resources:
- Browse the Explorers Hub to get help from the community and join in discussions.
- Find answers on our sites and learn how to use our support portal.
- Run New Relic Diagnostics, our troubleshooting tool for Linux, Windows, and macOS.
- Review New Relic's data security and licenses documentation.