Organization roles

A role defines the privileges that a member has within the organization. ArcGIS defines a set of privileges for three default roles—User, Publisher, and Administrator—and also allows organizations to define privileges at a more detailed level by creating and assigning custom roles.

Default roles

  • User—See a customized view of the site, use the organization's maps, apps, layers, and tools, and join groups owned by the organization. Users can also create maps and apps, add items, share content, and create groups.
  • PublisherUser privileges, plus the ability to publish features and map tiles as hosted web layers. They can also perform analysis on layers in maps.
  • AdministratorUser and Publisher privileges, plus privileges for managing the organization and other users. Those who are assigned the Administrator role are called default administrators. An organization must have at least one default administrator, but there can be an unlimited number of default administrators in an organization. For example, if an organization has five members, all five members can be default administrators.

The following table shows the privileges defined for each of the default roles.

Privilege

Default role

User

Publisher

Administrator

Use maps and apps

YesYesYes

Use subscriber content

YesYesYes

Use premium content

YesYesYes

Create content

YesYesYes

Share maps, apps, and scenes

YesYesYes

Join and create groups

YesYesYes

Edit features

YesYesYes

Publish hosted web layers

YesYes

Perform analysis

YesYes

Manage Open Data sites

Yes

Invite users to organization

Yes

Manage organization resources

Yes

View subscription status

Yes

Configure website

Yes

Create custom roles

Yes

ArcGIS Marketplace provider (requires organization authorization)

Yes

Set up enterprise logins

Yes

Manage credit budgets

Yes

Enable and disable Esri access on member accounts

Yes

Disable multifactor authentication on member accounts

Yes

Change member role to or from Administrator

Yes

Remove other administrators from the organization

Yes

Move member content to different folders within the member's My Content page

Yes

Share content with public when organization does not allow members to share outside the organization

Yes

Create and own groups that allow members to update all items in the group

Yes

Custom roles

Organizations might want to refine the default roles into a more fine-grained set of privileges. For example, members who work with the organization's private maps and apps but do not need to create content can be added to the organization in a custom-defined viewer role. In addition, some administrative tasks such as inviting users or managing content can be designated to members through a custom role.

Only default administrators—that is, those who have been assigned the Administrator role—can create, configure, and assign custom roles. Default administrators configure custom roles based on any combination of the general and administrative privileges listed below.If you have a custom role, ask your administrator for a list of associated privileges.

General privileges

Members who perform specific tasks within the organization—create maps or edit features, for example—can have custom roles that give them the general privileges they need to work and share with groups, content, and features.

Custom roles: General privileges

Groups

Create, update, and delete

Join organizational groups

Join external groups

Content

Create, update, and delete

Publish hosted feature layers

Publish hosted tile layers

Publish hosted scene layers

Sharing

Share with groups

Share with organization

Share with public

Make groups visible to organization

Make groups visible to public

Make groups available to Open Data

Premium Content

Geocoding: Use Esri World Geocoder to convert addresses to map points (geocoding) such as when publishing a CSV file of addresses as hosted feature layers or adding a CSV file of addresses to a map (does not apply to custom geocoders configured for the organization)

Network Analysis: Perform network analysis tasks such as create drive-time areas

Spatial Analysis: Perform spatial analysis tasks such as create buffers

GeoEnrichment: Use GeoEnrichment to enrich features

Demographics: Use premium demographic map layers

Elevation Analysis: Perform elevation analysis tasks on elevation data

Features

Edit: Edit features based on permissions set on the layer

Edit with full control: Edit features with full control on editable hosted feature layers

Open Data

Manage Open Data site(s)

Administrative privileges

The privileges listed below allow custom roles to assist the default administrators with managing members, groups, and content in the organization. These custom administrative roles do not include the full set of privileges reserved for default administrators—that is, those assigned the Administrator role.

Custom roles: Administrative privileges

Members

View all: View all member account information

Update: Update member account information

Invite: Invite members to the organization

Disable: Disable members from the organization

Change roles: Change roles of members

Manage licenses: Manage licenses for members

Groups

View all: View group owned by members

Update: Update group owned by members

Delete: Delete group owned by members

Reassign ownership: Reassign ownership of groups

Assign members: Assign members to groups and remove members from groups

Content

View all: View content owned by members

Update: Update content owned by members

Delete: Delete content owned by members

Reassign ownership: Reassign ownership of content

ArcGIS Marketplace subscriptions

Request purchase information: Request purchase information in ArcGIS Marketplace

Start trials: Start trials in ArcGIS Marketplace

Privileges for common workflows

Some workflows require a combination of privileges. If you cannot perform a function that you think your role should allow you to perform, verify that your administrator has enabled the full set of privileges required for the function.

In order to...

You need privileges to....

Use the analysis tools

  • Create content
  • Publish hosted feature layers
  • Use spatial analysis

Publish hosted feature layers

  • Create content
  • Publish hosted feature layers
  • Use geocoding (to publish CSV files with addresses)

Publish hosted tile layers

  • Create content
  • Publish hosted tile layers

Publish hosted scene layers

  • Create content
  • Publish hosted feature layers
  • Publish hosted scene layers

Publish hosted elevation layers

  • Create content
  • Publish hosted tile layers

Publish apps from the map viewer or group page

  • Create content
  • Share items (with groups, organization, or public)

Embed maps or groups

  • Create content
  • Share items with public

Manage content owned by members

  • View all member account information
  • View content
  • Update content
  • Delete content
  • Reassign content

Manage groups owned by members

  • View all member account information
  • View group
  • Update group
  • Delete group
  • Reassign group
  • Add member to group

Manage member profiles

  • View all member account information
  • Update member account information

Make groups available to open data sites

  • Make groups visible to public
  • Make groups available to open data sites

View subscription status

  • View all member account info
  • View all content
  • View all groups

Add, update, and delete features in hosted feature layers that have editing enabled for add or update only

  • Edit features
  • Edit with full control