User types, roles, and privileges

Organizations can use, create, and share a wide range of geographic content, including maps, scenes, apps, and layers. The ability of individual organization members to access and work with content in different ways depends on the privileges they have in the organization. User types allow organizations to control the scope of privileges that can be assigned to members through roles.

User types

Organizations assign user types to members based on the members' needs and requirements. Members are assigned a user type when they are added to the organization. The user type determines the privileges that can be granted to the member through a default or custom role. Each user type also includes access to specific apps.

The following user types are offered:

  • ViewerViewers can view items that are shared with them by other ArcGIS users and have access to a selection of apps. This user type is ideal for members of an organization who need to view ArcGIS content in a secure environment. Viewers can’t create, edit, share, or perform analysis on items or data.
  • EditorEditors can view and edit data in ArcGIS maps and apps that are shared with them by other ArcGIS users. This user type is ideal for users who need to access and edit data that is shared with them and includes access to a selection of apps. The Editor user type can also be used with custom editing applications created by customers or by Esri business partners. Editors can’t analyze, create, or share items or data.
  • Mobile WorkerMobile Workers can view and edit data that has been shared with them by other ArcGIS users and have access to a selection of apps. This user type is ideal for users who primarily interact with ArcGIS content through Esri field apps. It allows users to view, collect, and edit data in the field, share their location, and record location tracks. Mobile Workers can’t analyze, create, or share items or data.
  • CreatorCreators can create and edit content such as maps and apps, perform in-depth spatial analysis using the analysis tools in the portal, collect data, and collaborate and share content for use in apps. Creators have access to a selection of apps, can view content created by other organization members, and administer users and content in the organization.
  • GIS ProfessionalGIS Professionals can build advanced 2D and 3D maps, visualizations, and analyses using ArcGIS Pro (Basic, Standard, or Advanced), as well as use ArcGIS Enterprise to create, edit, and collaborate and share content for use in apps. GIS Professionals can also administer users and content in the organization. This user type is designed for those who need the full suite of GIS apps to perform their work—that is, create web maps and apps, perform in-depth spatial analysis using analysis tools, and leverage the advanced tools of ArcGIS Pro. The GIS Professional user type can be assigned at the following three levels, which correspond to the three license levels of ArcGIS Pro:
    • GIS Professional Basic—The GIS Professional Basic user type includes ArcGIS Pro Basic, which provides the tools and environment for map creation and interactive visualization.
    • GIS Professional Standard—The GIS Professional Standard user type includes ArcGIS Pro Standard, which provides the tools and environment for map creation, interactive visualization, multiuser editing, and advanced data management. It also includes access to ArcGIS Parcel Fabric and ArcGIS Utility Network user type extensions.
    • GIS Professional Advanced—The GIS Professional Advanced user type includes ArcGIS Pro Advanced, which provides the tools and environment for map creation, interactive visualization, multiuser editing, advanced data management, advanced analysis, high-end cartography, and extensive database management. It also includes access to ArcGIS Parcel Fabric and ArcGIS Utility Network user type extensions.
  • Storyteller—The Storyteller user type allows users to create stories using ArcGIS StoryMaps. Storytellers can sign in to ArcGIS StoryMaps and create stories using content such as maps, scenes, and apps created and shared by other members of their organization. Storytellers can also create embedded maps on the fly using express maps when creating stories. This user type includes an ArcGIS StoryMaps license.
    Note:

    The Storyteller user type provides the ability to create and edit ArcGIS StoryMaps using the ArcGIS StoryMaps app, but provides view-only access to the portal and essential apps.

Note:

Apps that are not included with an assigned user type can be licensed and assigned as needed to specific members as add-on licenses.

User type examples

The following examples illustrate how user types can be applied in an organization:

  • A content creator assigned a Creator user type creates and shares a site selection app with a group of users in their organization. This app allows users to select a specific site and view attribute information about the site that should only be available to employees. A member assigned a Viewer user type can join the group and view and interact with the app.
  • A data editor assigned the Editor user type uses the Crowdsource Manager configurable app to review and clean up data submitted by the public. The data editor can view and update the public data entries to prepare them for publication and analysis.
  • A GIS specialist in a forestry organization is tasked with creating a tree inventory map for forestry technicians to use. The GIS specialist is assigned a GIS Professional Basic user type, which allows her to create complex data models, including subtypes and domains, using ArcGIS Pro. She then publishes the data to ArcGIS Enterprise and creates a web map for forestry technicians to use in ArcGIS Field Maps. Once the map is created, the GIS specialist can test the functionality in ArcGIS Field Maps and share the web map with the appropriate group. Each forestry technician is given an ArcGIS member account and assigned a Mobile Worker user type so they can sign in to Field Maps, find their web maps, and edit the data as needed.

Roles

A role defines the set of privileges assigned to a member. Privileges are assigned to members through a default role or a custom role. Members are assigned a role when they are added to the organization.

If you're not sure what role you were assigned or if you need more information about your role, click the Role Information button Role Information in the Role section of your profile.

Note:

Once a member joins, their role can be changed by administrators and those with privileges to change member roles. Changing roles to or from administrator can be done only by administrators.

Default roles

ArcGIS Enterprise defines a set of privileges for the following default roles:

Note:

A member's user type determines the default roles that can be assigned to the member. User types compatible with each role are noted below.

  • Viewer—View items such as maps, apps, scenes, and layers that have been shared with the public, the organization, or a group to which the member belongs. Join groups owned by the organization. Drag CSV, text, or GPX files into Map Viewer Classic (formerly Map Viewer) to geocode addresses or place names. Get directions in a map viewer and apps. Members assigned the Viewer role cannot create or share content, or perform analysis. The Viewer role is compatible with all user types.
  • Data Editor—Viewer privileges plus the ability to edit features shared by other ArcGIS users. The Data Editor role is compatible with all user types except Viewer.
  • User—Data Editor privileges plus the ability to create groups and content. Users can use the organization's maps, apps, layers, and tools, and join groups that allow members to update all items in the group. Members assigned the User role can also create maps and apps, edit features, add items to the portal, share content, and create groups. The User role is compatible with the Creator, GIS Professional, and Storyteller user types.
  • Publisher—User privileges plus the ability to publish hosted web layers, ArcGIS Server layers, register data stores, publish from data store items, and perform feature and raster analysis. The Publisher role is compatible with the Creator, GIS Professional, and Storyteller user types.
  • Administrator—Publisher privileges plus privileges to manage the organization and other users.

    An organization must have at least one administrator, though two is recommended. There is no limit to the number of members who can be assigned to the Administrator role within an organization; however, for security reasons, you should only assign this role to those who require the additional privileges associated with it. The Administrator role is compatible with the Creator and GIS Professional user types.

To choose a default role assigned to new members, go to Organization > Settings > New member defaults and choose a role from the Role drop-down menu.

Note:

You can only select a default role once a default user type is selected. Only roles that are compatible with the selected default user type will be listed in the drop-down menu.

The following table shows privileges available with the default roles.

Privilege summaryDefault role

Viewer

Data Editor

User

Publisher

Administrator

Use maps, apps, and scenes

Yes

Yes

Yes

Yes

Yes

Use geosearch (search for places and addresses)

Yes

Yes

Yes

Yes

Yes

Use routing and get directions (the portal must be configured for network analysis)

Yes

Yes

YesYesYes

Geocode addresses and place-names

Yes

Yes

YesYesYes

Join groups, except shared update groups

Yes

Yes

Yes

Yes

Yes

Edit features and knowledge graph content

Yes

Yes

Yes

Yes

Join shared update groups

Yes

Yes

Yes

Create groups

Yes

Yes

Yes

Categorize items

Yes

Yes

Yes

Create content

Yes

Yes

Yes

Share portal items

Yes

Yes

Yes

Use standard feature analysis tools

Yes

Yes

Use GeoAnalytics Tools (the portal must be configured for GeoAnalytics)

Yes

Yes

Use raster analysis tools (the portal must be configured for raster analysis)

Yes

Yes

Publish hosted web layers

Yes

Yes

Publish server-based layers

Yes

Yes

Publish scenes

Yes

Yes

Bulk publish from a data store

Yes

Yes

Create a knowledge graph

Yes

Yes

Manage all versions

Yes

Publish web tools

Yes

Create and edit ArcGIS Notebooks

Yes

Schedule notebooks

Yes

Advanced notebooks

Yes

Manage all members, content, and groups

Yes

Manage licenses and apps

Yes

Configure website and security

Yes

Set up and manage collaborations

Yes

Set up organization-specific logins

Yes

Create and modify custom roles

Yes

Change member roles

Yes

Change member user types

Yes

Disable and delete member accounts

Yes

Share organization content with the public when site settings don't allow members to share outside the organization

Yes

Create and own groups that allow members to update all items in the group

Yes

View the location tracks of other users

Yes

Note:

Most of the privileges listed above can also be assigned as part of a custom role; however, some administrative privileges are not available for custom roles as they are reserved for default administrators.

When you federate a server with your portal, the portal's security store controls all access to the server. This provides a convenient sign in experience but also impacts how you access and administer the federated server. For example, when you federate, any users, roles, and permissions that you previously configured on ArcGIS Server services are no longer valid. Access to services is instead determined by portal members' roles and sharing permissions. See Administer a federated server to learn more about how federating will impact your site.

At this release, privileges that correspond to unsupported apps and capabilities in ArcGIS Enterprise on Kubernetes are not supported.

Custom roles

You may want to refine the default roles in your organization into a more fine-grained set of privileges by creating custom roles. For example, your organization may want to assign some members the same privileges as a default Publisher but without allowing them to use GeoEnrichment. This could be achieved by creating a custom role based on the default Publisher role, turning off the GeoEnrichment privilege, and calling the custom role Publisher without GeoEnrichment or something similar.

Only default administrators, or those assigned a custom administrator role with the Member roles privilege, can create and modify custom roles. These administrators can configure custom roles based on any combination of available general and administrative privileges. Once a custom role has been created, any organization member who has the Change roles privilege can assign the role to members.

Note:

A member assigned a custom role that has any publishing privilege (for features, tiles, or scenes) will also be able to create other types of ArcGIS Server services on servers federated with your portal. This functionality may be restricted in a future release to prevent such workflows. It is recommended that if users need the ability to publish ArcGIS Server services, they be added to the default Publisher role.

You have the ability to create custom roles that include administrative privileges to manage the portal settings. This allows administrators to delegate a specific set of administrative tasks to users without giving them the full set of privileges in the default administrator role. For example, a user with a custom role that includes the Organization website privilege will have the ability to manage the portal's website settings without the ability to perform other administrative tasks, such as managing security or server settings.

The privileges that can be granted to a member through a custom role cannot exceed those associated with the member's assigned user type. For example, a member with a Viewer user type cannot be assigned a role with editing privileges.

Privileges

Privileges allow organization members to perform different tasks and workflows in an organization. For example, some members have privileges to create and publish content, while others have privileges to view content but cannot create their own.

General privileges

Members who perform specific tasks within the organization—create maps or edit features, for example—can be assigned the general privileges they need to work and share with groups, content, and features.

General privileges

Members

View

This privilege grants the ability to view members of the organization. When checked, the View privilege allows members to view the Members tab on the Organization page. If not checked, members cannot see the Organization page.

Groups

Create, update, and delete

This privilege allows members to create groups in the portal and control the groups they own.

Join organizational groups

Members of roles that are granted this privilege can be added to organizational groups or request to join groups in the organization. Members can only request to join organizational groups if you also grant the role the privilege to View groups shared with portal. If the role does not have the privilege, View groups shared with portal, members do not see the groups and, therefore, cannot request to join them.

View groups shared with portal

This privilege allows members to discover groups that are configured to allow portal members to view them.

Content

Create, update, and delete

This privilege allows members to create items in the portal and control the items they own. This privilege is required if you grant any of the privileges that allow members to publish, register data stores, or create notebooks.

Publish hosted feature layers

This privilege allows members to publish hosted feature layers to the portal from within the portal and from other apps such as ArcGIS Pro. This privilege is also required when using apps that create hosted feature layers such as ArcGIS Survey123 and ArcGIS Workforce.

Publish hosted tile layers

This privilege allows members to publish hosted tile layers to the portal from within the portal and from other apps such as ArcGIS Pro.

Publish hosted scene layers

This privilege allows members to publish hosted scene layers to the portal from within the portal and from other apps such as ArcGIS Pro.

Publish hosted dynamic imagery layers

Note:

This privilege requires that your deployment be configured for raster analysis.

Publish server-based layers

This privilege allows members to publish ArcGIS Server web layers to ArcGIS Server sites that are federated with the portal. This privilege is also required for members who will bulk publish layers from a data store item.

Publish hosted knowledge graphs

This privilege allows members to publish hosted knowledge graphs in ArcGIS Pro. This privilege is only visible if an ArcGIS Knowledge Server site is configured for your organization.

View content shared with organization

This privilege allows members to access items that are shared with the portal organization.

Register data stores

This privilege allows members of the role to add data store items to the portal.

Create feature layers in bulk from a data store

This privilege allows the owner of a database data store item to publish feature and map image layers from all feature classes and tables that can be accessed in the database.

View location tracks

This privilege grants the ability to view members' location tracks using shared track views when location sharing is enabled.

Create and Edit Notebooks

This privilege allows members to open and run notebooks, including shared notebooks and notebooks created from a notebook file (*.ipynb) imported into the portal, and create and edit notebooks using the ArcGIS Notebooks Standard runtime. This privilege is also required for users who will be executing web tools published from a notebook.

Note:

This privilege is only visible if a Notebook Server is configured for your organization. Additional privileges (such as to manage content or run specialized analysis tools) may be required depending on the workflows performed by the notebook author.

Schedule Notebooks

This privilege allows role members to schedule ArcGIS Notebooks to be run in the future. To schedule a particular notebook, the user must own the notebook or have administrative privileges.

Note:

This privilege is only visible if a Notebook Server is configured for your organization. The Create and Edit Notebooks privilege must be enabled for this privilege to be set.

Reassign content

Allows members to transfer ownership of content they own to another member in the same organization. The member to whom ownership is transferred must have the privilege to receive content.

Receive content

Allows members to receive content transferred to them from members who have the privilege to reassign content.

This privilege is not required to receive content transferred by organization administrators.

Sharing

Share with groups

This privilege allows members to share items they own with any groups to which the member belongs.

Share with portal

This privilege allows members to share any items they own with the portal organization.

Share with public

This privilege allows members to share items they own with everyone, even users who do not sign in to the portal.

Note:

This privilege is only visible when the Members can share content publicly setting is enabled for the organization.

Make groups visible to portal

When you create a group, you specify who can see the group or search for the group. This Make groups visible to portal privilege is required to allow group creators to configure the group to allow portal members to view the group. This privilege is only useful if the role also includes the privilege to create, update, and delete groups.

Make groups visible to public

When you create a group, you specify who can see the group or search for the group. This Make groups visible to public privilege is required to allow group creators to configure the group to allow anonymous portal users to view the group. This privilege is only useful if the role also includes the privilege to create, update, and delete groups.

Content and Analysis

Geocoding

Use ArcGIS World Geocoding Service to convert addresses or places to map points and store the results—for example, when publishing spreadsheets (CSV or Microsoft Excel files) as hosted feature layers. This does not apply to your own locators configured for the organization.

Network Analysis

This privilege grants the ability to perform network analysis tasks such as create drive-time areas.

Standard Feature Analysis

This privilege grants the ability to perform spatial analysis tasks such as create buffers.

GeoEnrichment

This privilege grants the ability to use the GeoEnrichment service to access demographic information.

GeoAnalytics Feature Analysis

This privilege grants the ability to use GeoAnalytics Tools.

Imagery Analysis

This privilege grants the ability to use raster analysis tools. This privilege requires that your deployment be configured for raster analysis.

Advanced Notebooks

This privilege grants the ability to author notebooks using advanced runtimes.

Note:

This privilege is only visible if a Notebook Server is configured for your organization. Additional privileges (such as to manage content or run specialized analysis tools) may be required depending on the workflows performed by the notebook author.

Features

Edit

This privilege grants the ability to edit features based on permissions set on the layer and update schema on a knowledge graph layer.

Edit with full control

Edit with full control: Add, delete, and update features and attributes in editable hosted feature layers, even if the layers are configured to allow fewer editing operations. This privilege also allows members to update schema on a knowledge graph layer.

Version Management

Manage all

This privilege allows role members to view, alter, and delete all branch versions accessed through an ArcGIS Server web feature layer. This privilege also allows role members to manage version locks on these layers.

When you enable this privilege, the following privileges are also enabled by default:

  • The Features > Edit privilege is granted to allow role members to edit data in all versions and perform reconcile and post operations between the default and named branch versions.
  • The Features > Edit with full control is also granted to allow role members to perform all editing operations when the web feature layer has fewer editing capabilities enabled. This is helpful to facilitate quality assurance work during the review of versioned edits. For example, if the web feature layer only has the update operation enabled, Edit with full control additionally allows the reviewer to perform insert and delete operations.

Members of a custom role that has these three privileges are referred to as version administrators.

Note:

At this release, privileges that correspond to unsupported apps and capabilities in ArcGIS Enterprise on Kubernetes are not supported.

Administrative privileges

The privileges listed below can be assigned to custom roles to allow role members to assist the default administrators with managing members, groups, and content in the organization.

Administrative privileges

Members

View all: View all member account information

Update: Update member account information, including resetting passwords

Note:

Only default administrators can reset the passwords of other default administrators.

Delete: Remove member accounts from the portal organization

Add: Add member accounts to the portal organization

Disable: This privilege grants the ability to disable and enable member accounts.

Change roles: Change the role assigned to portal members

Note:

Only members of the default administrator role can add members to or remove members from the default administrator role.

Manage licenses: Manage licenses for organization members

Groups

View all: View groups owned by portal members

Update: Update groups owned by portal members

Delete: Delete groups owned by portal members

Reassign ownership: Reassign ownership of groups

Assign members: This privilege grants the ability to assign your members to, update your members' group role, and remove your members from groups within your portal.

Link to organization-specific group: Link group membership to organization-specific groups

Create with update capabilities: Create and own groups that allow group members to update all items in the group (shared update groups)

Content

View all: View content owned by members

Update: Update content owned by members

Delete: Delete content owned by members

Reassign ownership: Reassign ownership of content

Manage categories: Configure content categories for the organization

Publish web tools: Publish web tools created in ArcGIS Pro to a federated server or publish web tools from a notebook

Portal settings

Security and infrastructure: Manage the portal's security settings

Members of roles with this privilege can configure the following in the portal's organization settings:

  • General: Administrative contacts
  • Items: Comments
  • New member defaults: User type, Role, Add-on licenses, Groups
  • Security: Policies (HTTPS, Access and permissions, Sharing and searching), Password policy, Logins, Multifactor authentication, Access notice, Information banner, Trusted servers, Allow origins, Allow portal access, Apps, Email settings

Members of roles with this privilege can also import a new license file, view the portal logs, update the portal log settings, and clean the portal logs.

Organization website: Manage the portal's website settings

Members of roles with this privilege can configure the following in the portal's organization settings:

  • General: Organization profile (Name, Summary), Contact link, Organization defaults (Language, Number and date format), Shared theme, Help source
  • Home page: Header, Content blocks, Footer, Colors, and Typography
  • Gallery: Show in gallery
  • Map: Primary map viewer, Basemap gallery, Map defaults (Default basemap, Default extent, Units), Bing maps, Configurable apps, Web styles, Analysis layers
  • Items: Metadata, Organization categories
  • Groups: Featured groups, Configurable apps

Members of roles with this privilege can also view the portal logs.

Collaborations: Manage the portal's collaborations

Members of roles with this privilege can configure and manage Collaborations in the portal's organization settings. These members can also view the portal logs.

Member roles: Manage the portal's member roles

Members of roles with this privilege can configure Member roles in the portal's organization settings and change a member's role. These members can also view the portal logs.

Servers: Manage the portal's server settings

Members of roles with this privilege can configure the following in the portal's organization settings:

Members of roles with this privilege can also view the portal logs, update the portal log settings, and clean the portal logs.

Utility services: Manage the portal's utility service settings

Members of roles with this privilege can configure the following in the portal's organization settings:

Members of roles with this privilege can also view the portal logs.

Note:

At this release, privileges that correspond to unsupported apps and capabilities in ArcGIS Enterprise on Kubernetes are not supported.

Privileges reserved for default administrators

Certain administrative privileges are reserved for members of the default administrator role and are not available for custom roles. For example, only default administrators can remove other administrators from the organization. The following is a list of privileges reserved for default administrators:

  • Create and manage administrative reports
  • Change member role to or from administrator
  • Delete other administrators from the organization
  • Reset the passwords of other default administrators
  • Share organization content with the public when site settings don't allow members to share outside the organization
  • Create and own administrative groups
  • Create backups of your ArcGIS Enterprise deployment
  • Categorize members in your organization

Privileges for common workflows

Some workflows require a combination of privileges. If you are unable to perform a function that you think your role should allow you to perform, verify that your administrator has enabled the full set of privileges required for the function.

WorkflowRequired privileges

Use the standard feature analysis tools

  • Create, update, and delete (Content)
  • Publish hosted feature layers
  • Standard Feature Analysis
Note:

Some tools require additional privileges to use GeoEnrichment or network analysis. See Perform analysis for requirements per tool.

Use GeoAnalytics Tools

  • Create, update, and delete (Content)
  • Publish hosted feature layers
  • GeoAnalytics Feature Analysis

Use raster analysis tools

  • Create, update, and delete (Content)
  • Publish hosted feature layers
  • Imagery Analysis

Publish hosted feature and WFS layers

  • Create, update, and delete (Content)
  • Publish hosted feature layers

Publish hosted tile layers

  • Create, update, and delete (Content)
  • Publish hosted tile layers

Publish hosted scene layers

  • Create, update, and delete (Content)
  • Publish hosted feature layers
  • Publish hosted scene layers

Publish hosted imagery layers

  • Create, update, and delete (Content)
  • Publish hosted dynamic imagery layers

Create knowledge graphs from ArcGIS Pro

  • Create, update, and delete (Content)
  • Publish hosted knowledge graphs

Publish apps from a map viewer or a group page

  • Create, update, and delete (Content)
  • Share with groups, Share with portal, or Share with public

Embed maps or groups

  • Create, update, and delete (Content)
  • Share with public

Author notebooks

  • Create, update, and delete (Content)
  • Publish hosted feature layers
  • Create and Edit Notebooks
  • Advanced Notebooks (required to use ArcPy in notebooks)

Reassign ownership of your items to another member

  • View (Members)
  • Create, update, and delete (Content)
  • Reassign content (Content)
Note:

Only members who have the privilege to receive content can become owners of your reassigned content.

Manage content owned by members

  • View all (Members)
  • View all (Content)
  • Update (Content)
  • Delete (Content)
  • Reassign ownership (Content)

Manage groups owned by members

  • View all (Members)
  • View all (Groups)
  • Update (Groups)
  • Delete (Groups)
  • Reassign ownership (Groups)
  • Assign members (Groups)

Manage member profiles

  • View all (Members)
  • Update (Members)

Manage the portal's security and infrastructure

  • View (Members)
  • View groups shared with organization (Groups)
  • View all (Members)
  • View all (Groups)
  • Security and infrastructure (Portal settings)

Manage the portal's website settings

  • View (Members)
  • View groups shared with organization (Groups)
  • Create, update, and delete (Content)
  • View content shared with organization (Content)
  • Share with groups (Sharing)
  • Share with portal (Sharing)
  • Share with public (Sharing)
  • Make groups visible to the portal (Sharing)
  • Make groups visible to the public (Sharing)
  • View all (Members)
  • View all (Groups)
  • Update (Groups)
  • View all (Content)
  • Update (Content)
  • Manage categories (Content)
  • Organization website (Portal settings)

Manage the portal's collaborations

  • View (Members)
  • Create, update, and delete (Groups)
  • View groups shared with organization (Groups)
  • Create, update, and delete (Content)
  • Publish hosted feature layers (Content)
  • View content shared with organization (Content)
  • Share with groups (Sharing)
  • View all (Members)
  • View all (Groups)
  • Update (Groups)
  • View all (Content)
  • Update (Content)
  • Delete (Content)
  • Collaborations (Portal settings)

Manage the portal's member roles

  • View (Members)
  • View all (Members)
  • Change roles (Members)
  • Member roles (Portal settings)

Change a member's user type

  • View (Members)
  • View all (Members)
  • Update (Members)
  • Change role (Members)
  • Manage licenses (Members)

Manage the portal's server settings

  • View (Members)
  • Create, update, and delete (Content)
  • Servers (Portal settings)
  • Utility services (Portal settings)

Manage the portal's utility service settings

  • View (Members)
  • Create, update, and delete (Content)
  • Publish hosted feature layers (Content)
  • Utility services (Portal settings)

Import new license file

  • View (Members)
  • View groups shared with organization (Groups)
  • View all (Members)
  • Manage licenses (Members)
  • View all (Groups)
  • Security and infrastructure (Portal settings)

Add, update, and delete features on editable hosted feature layers even if the hosted feature layer is configured to Only update feature attributes or Only add new features

  • Edit features (Features)
  • Edit with full control (Features)

Perform quality assurance reviews, reconcile, and post edits between ArcGIS Server feature services that contain branch versioned data.

  • Manage all (Version Management)
  • Edit features (Features)
  • Edit with full control (Features)
Note:

At this release, privileges that correspond to unsupported apps and capabilities in ArcGIS Enterprise on Kubernetes are not supported.