Confusion with Default Orchestrator Roles

I want to validate the use of these default roles based on two differing primary sources:

These have different roles such as enable running automations and allow to be automation user. These roles almost look the same. Was this a hidden fix of what the roles should have been and which should I use?

I think the Allow to Be… is more right but the documentation is confusing. The articles should line up together unless someone can explain why there is a nuance.

I wonder if the 2nd article is just outdated…

using 2021 version of orch.


Yep, you’re looking at the documentation from 2019.
Be careful when clicking on links from google, they’re usually outdated.

yeah that’s right but it shouldn’t display content then or have a flag to say its deprecated.

Other links in the past have been treated similarly. Hopefully the website updates to avoid such confusions.

Hi @Shawn_Ngoh,

Yes if you are using 2021 version of orchestrator, you should be referring documentation for same version which is as below:

2019v documentation is also available as there can be some of the organizations still on that version.


I see. I was hoping if it was seemless to change those old roles to the new one upon upgrade of orchestrator.

All good. They can keep their documents.

Hi @Shawn_Ngoh,

In latest versions of orchestrator, you should be able to see standard roles availability which you can just enable and use.
For this, go to tenant-> settings-> scroll down, you will see roles section as below


Yes, I have done the same. Except that the old roles from V19 still are there. I’ll need to remove them and reassign those users to the newer versions of those roles.


Are you not able to modify those roles itself?

You should be able to edit those roles itself instead of creating new ones.


I think we resolved this topic by removing the duplicitous role. Modifying a deprecated role doesn’t seem practical. We kept the newer auto-generated role in the new Orchestrator and removed the old roles. I’m just trying to highlight for users who upgrade their orchestrator why there may be confusion with two similar roles generated by Orchestrator.

Hi @Shawn_Ngoh,

Even for upgrades, roles are not enabled automatically unless done specifically from settings menu.

And once enabled from there, they can also follow the process of removing duplicate roles or may be can go for modifying existing ones itself without utilizing new available roles.

So it really depends on how an org wants to move ahead with role defining/refining process.


This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.