Skip to main content


RBAC roles

RBAC lets admins restrict the pages a specific end-user can view and how those pages are populated. Application tagging is intertwined with RBAC. While it is possible to use RBAC without defining application tags, its usefulness is limited. See What is tagging? if you are not familiar with the concept of tagging and how to generate tags for Unravel to use.

The end-user's access is restricted based upon three factors
  1. Tags for the end-user

    You can create tags for

    End-users are then associated with the tags via LDAP or SAML.

    When RBAC is turned on, an end-user's view is filtered based upon their tags. For instance, if a user only has the defined tag dept:marketing they can only see applications tagged with dept:marketing.

  2. Unravel default tag

    The default tag is used to filter the end-user's view. It is set to Username by default.

  3. Mode

    The following options are available for mode:

What the end-user sees when RBAC is turned on

The available pages based on the user restriction mode, applications based on tags, which are filtered by users.


If the default command is not set and an end-user has no tags, the viewable pages are populated (blank).