Registry administrators can configure roles with the needed level of security privileges so that users can perform job functions. Security options include read, browse, search, insert, update, associate, delete, and version administered item information.

Roles can be assigned to one or more users and users can be assigned to multiple roles. Only authorized users can create roles. The combination of roles that are assigned to the user and steward assignment (at the administered item level), establishes the user's privileges for Administered Items.

Role privileges including read, create, update, delete and restore can be configured for all objects in the Registry.

User groups allow you to grant a group of users the same privileges without granting privileges to users individually. User groups are not hierarchical.