IBM Cloud Docs
Managing IAM access for Discovery

Managing IAM access for Discovery

Share a preview of your search application or build a team to work on a project. You can give team members access to your Discovery service instance through IBM Cloud.

IBM Cloud

The information in this topic applies to managed deployments only.

Access to IBM Cloud service instances is controlled by IBM Cloud® Identity and Access Management (IAM). Every person who accesses Discovery in your account must be assigned an access policy with an IAM role.

Only an owner of the service account can add users. For more information, see Managing access to resources.

Platform roles

A platform role controls a person's ability to access a service instance in IBM Cloud.

To give someone access to your service instance, assign them any platform role other than Viewer. A person with the Viewer role cannot access the product user interface. All of the other roles allow users to perform all tasks.

Service roles

A service role controls what a person can do in Discovery.

With Discovery, anyone who can access a Discovery instance can perform all actions. The only limitation is with the Reader role; anyone with reader-level access cannot submit API POST requests.