Application collaborator roles
This page goes over Application Collaborator roles - what they are and how to use them
What is an application collaborator role?
Application collaborator roles enable you to manage which other Lucid users can test, develop, publish, and maintain your app.
At a high-level, the purpose of each role is:
- App owners can be considered an "app admin". App owners have full permissions to the app, including viewing the app's OAuth 2.0 client secret or publishing the app for the first time.
- The code editor role is designed for the developers actually coding the app. They can upload new versions of the app to the developer portal and view the client ID and redirect URLs.
- The listing editor role is designed for marketing your app on the Lucid Marketplace. Listing editors can edit the marketplace listing page's content and use any uploaded version of the app to collect screenshots if needed. However, listing editors don't have development-related permissions: they can neither upload package versions nor see the OAuth 2.0 client ID or secret.
- The tester role is designed for those testing your app. Or if you don't intend to publish your app, this role can also be used to distribute your app to select users. The only permission a tester has is to use the app before it's published.
Who can I invite to collaborate?
In order to preserve the security and integrity of your app and its marketplace listing, app owners need to be part of your company's Lucid account. However, to facilitate development of unreleased versions of your app with users from other organizations, you can invite any Lucid user to be a code editor, listing editor, ortester on your app. If an admin desires that no users on other accounts are able to collaborate on their account's apps, they can disable cross-account collaboration in the admin panel.
Summary of application collaborator roles
App owner
- Create, view, and manage OAuth 2.0 credentials. Note that if your app has been privately published, you must be an admin on your Lucid account to create an OAuth 2.0 client on the app.
- Request app be listed in Lucid marketplace.
- Request app be listed in the company-only marketplace.
- Upload new versions of the app.
- Choose the app version published to the marketplace.
- View the app's marketplace listing.
- Edit the app's marketplace listing.
- Use any uploaded app version before it's published.
- Invite/remove collaborators at the same company with the following roles: app owner, code editor, listing editor, tester.
- Invite/remove collaborators at a different company with the following role: tester.
- Automatically get access to both the developer portal and the developer menu unless an account admin has disabled self-selecting into the developer role.*
Code editor
- View OAuth 2.0 client ID and redirect URLs.
- Upload new versions of the app.
- Choose the app version published to the marketplace (after the app has been initially published).
- View the app's marketplace listing.
- Edit the app's marketplace listing.
- Use any uploaded app version before it's published.
- Invite/remove collaborators at the same company with the following roles: code editor, listing editor, tester.
- Invite/remove collaborators at a different company with the following role: tester.
- Automatically get access to both the developer portal and the developer menu unless an account admin has disabled self-selecting into the developer role.*
Listing editor
- View the app's marketplace listing.
- Edit the app's marketplace listing.
- Use any uploaded app version before it's published.
- Invite/remove collaborators at the same company with the following role: listing editor.
- Automatically get access to the developer portal unless an account admin has disabled self-selecting into the developer role.*
Tester
- View the app's marketplace listing.
- Use any uploaded app version before it's published.
- Automatically get access to the developer portal unless an account admin has disabled self-selecting into the developer role.*
User not added as collaborator
- View the app's marketplace listing after the app has been approved to be in the marketplace.
- Install the app's published version after the app has been approved to be in the marketplace.
What can application collaborator roles do?
Application collaborator roles are most useful for applying the principle of least privilege. This principle is that a user should only be given the minimum privileges necessary to perform their required tasks, minimizing the potential for unauthorized access or unintended actions.
For example, these roles can allow quality assurance testing by giving users the "Tester" role. Or, an admin can give marketing personnel limited access to edit the marketplace listing by assigning the "Listing editor" role.
Note that users on different Lucid accounts can be assigned the "Tester" role by anyone with "App owner" or "Code editor" roles.
How do I assign application collaborator roles?
Note that if you already created an application, skip to step 2.
Step 1: Go to your application on the developer portal
- Navigate to the developer portal.
- Open your application.
Step 2: Invite collaborators
- Click on the newly created app to open the app settings page.
- On the app settings page, click the "Invite" button.
- Input the email of the user you want to invite and the role they will be assigned. Note that this needs to be the user's email that is associated with their Lucid account. Also, the "Tester" role can be assigned to users on your account or users on different accounts.
Step 3: Remove collaborators
- If necessary, click the trash can icon next to any collaborators you want to remove from your app.
What are the limitations of application collaborator roles?
There are some instances when a user who has been sent a collaborator invitation is unable to accept it.
This happens when the following are true:
- The receiving user is from a different organization, and is trying to accept a role that can only be given to members of your company's Lucid account. See Who can I invite to collaborate? for more details.
- The admin control for self-selecting into the developer role is turned off on the account of the receiving user.
- The receiving user doesn't have the developer role assigned manually by the admin.
However, if the admin control for self-selecting into the developer role is turned on, accepting the collaborator invitation will automatically give the user access to developer tools, even if they didn't previously have access.
Updated 4 months ago