Blackfire’s new Access Management feature has arrived

By Thomas di Luccio, on Nov 02, 2022

More people, more projects, more activity. Organizational growth can be great, but it often means that, with so much going on, it’s increasingly difficult to manage user permissions and access across the platforms you use.

Who has access to what? What permissions do they have? How many people already have those permissions? Do they really need them? There are a lot of questions to ask and answer.

Well, Blackfire’s new Access Management feature has been designed to answer them for you. By providing greater visibility over your organization’s user activity, this new feature empowers you to manage your user access and permissions widely and effortlessly. Allowing you to grow as a team, without losing control – let’s get into the details.

Access Management organizational roles

With our new Access Management feature, there are a number of roles which can be assigned to individuals within an organization. Each with its own set of responsibilities and limitations.

Owner

Our new Access Management feature grants the owner of your organization with full access and permissions. They will be the only member of the organization with this level of control to ensure efficient, effective user access management going forward. Although, with great power comes great responsibility, as this duty cannot be shared, but can be transferred by getting in touch with Blackfire support.

But if you’re an Owner – fear not. We’re not going to burden you with the responsibility of configuring the environments and managing access all on your own – we know you’ve got your own day-to-day tasks to take care of. This is where the Admin role comes into play.

Admin

The Admin will be able to delegate most of the access and permissions of the Owner to specific users of their choice. They are responsible for managing the number of people with access and the exact type of access they have. As well as being able to perform all actions within the Organization and all of its Environments – both existing and yet to be created – but only the Owner has the power to delete the Organization. Such power, wow!

Members

Users can also be added as Members of the Organization. This role can grant the user access to certain environments or none at all, depending on what’s required from the user. Members of the Organization can also view the Organization’s usage and the other members who also have access to the Environment.

Billing Managers

The final role is the Billing Manager, who is able to oversee the subscription, view the Organization’s usage, and access invoices. Essentially the Billing Manager can access all the necessary financial information and data for the Organization. This role in particular has been widely requested, and finally the wait is over!

Role costs

Only the users who are accessing performance-related data are using paid seats, meaning that once a user has access to an Environment, they will be considered a paid seat. This means that Billing Managers and Members are free to add, unless they’re added to an Environment.

Access Management roles per Environment

At the Environment level, the Admins can already perform all of the actions available, including even deleting it. However, Admins also have the ability to grant another user ‘Manager’ access to the Environment as well. But, what does this mean?

Managers

Managers can perform most of the actions available within the Environment they’ve been granted access to, including adding other users and updating Environment settings. However, they cannot delete the Environment and cannot access other Environments they have not been granted access to. This role is designed for users who only need access to a particular Environment to conduct certain activities, but don’t require access to the full Organization.

Environment Contributor

An Environment Contributor is an organization member who has access to all the Environment’s Observability data but cannot update any settings or configuration. Meaning they can access the Environment to gather the information they need, but cannot make changes. As they have access to an Environment and performance-data, they are considered paid seats.

Who does Access Management benefit?

So, how does the new Access Management feature work in action? Who is it for? Let’s explore some use cases that will show you exactly that. 

Accountants and the Finance Team 

The Billing Manager role enables users to manage everything related to billing, without the need to take any paid seats. This means that Accountants and Finance Teams can get the information they need, without adding anything else onto the bills at the end of the month. 

Lead Developers and Staff Engineers 

Lead Developers and Staff Engineers can be made Admins for the Organization. As they’re likely to contribute in most Environments and applications, and this role enables them to do exactly that. They will also be able to manage their teams’ permissions to ensure that everyone can access the resources they need. 

Agencies

Agencies owning Blackfire subscriptions can add their customers as Environment Contributors or they can be added as Environmental Contributors themselves if the customer owns the subscription. With this role, users can access monitoring, profiling and performance tests data which can help inform their strategy and projects going forward. Perfect! 

Onboarding and offboarding

The Organization access settings provides a one-click promotion of a user to an Admin role, as well as a one-click removal process of users from the Organization. Any users removed via this process will be removed from the Organization and all Environment they may have access to. Ensuring that the onboarding and offboarding process of users who are transitioning into or out of the organization is always simple.

Owners and Admins

This new Access Management feature is designed for simplicity and efficiency. That’s why it offers the ability to get a clear overview of all of the Environments a specific user has access to and allows Owners and Admins to make changes to that access immediately.

The introduction of the new Access Management feature has been driven by our customers’ feedback and we’re excited to be introducing it now. We’d also like to thank our beta testers who helped us to advise us on how to make the feature as great as possible. 
Please feel free to share your feedback on the Access Management feature or beta test for yourself on some of our new features soon to be released.

Happy Performance Optimization!

Thomas di Luccio

Thomas is a Developer Relations Engineer at Platform.sh for Blackfire.io. He likes nothing more than understanding the users' needs and helping them find practical and empowering solutions. He’ll support you as a day-to-day user.