Unified login new and changed roles
Welcome note
Unified login is in the process of being applied to all users throughout September 2025.
Access the pre-existing documentation here: Administration.
Intro
The unification of administration for Bloomreach products introduces some new roles and changes some preexisting roles.
All products
- Supervisors for cloud organizations, workspaces, and projects will gain access by default. After creating a cloud organization or workspace, wait up to 10 minutes (but usually faster) to see it in the my-account hierarchy.
- Cloud organization supervisors receive the CloudOrganizationAdmin role.
- Workspace supervisors receive the WorkspaceAdmin role for Engagement.
Changed roles
These preexisting roles are changed in either name, permissions, or both.
| Old role name(s) | New role name | Application |
|---|---|---|
| Account admin | Workspace admin | Engagement |
| Account IAM Admin | Workspace IAM Admin | Engagement |
| SSO Account Admin | SSO Admin (Cloud Organization scope) | Engagement |
| DiscoveryIAMAdmin | CloudOrganizationAdmin (only needed role to manage users in Discovery) | Discovery |
| Users Admin | Discovery API Key Manager | Discovery |
New roles
| New role name | Application | Description |
|---|---|---|
| Cloud Organization Admin | Admin Panel | Can manage and list cloud organizations. |
| Workspace Engagement IAM Admin | Engagement | Can manage users on Workspace level for Engagement-related resources |
| Workspace Discovery IAM Admin | Admin Panel | Can manage users in connected Discovery org. level for Discovery-related resources |
| Workspace IAM Admin | Admin Panel | Can manage users across workspace and its resources. Combines "Workspace DIS IAM Admin" and "Workspace ENG IAM Admin" roles |
| Discovery API Key admin | Admin Panel | Manage Discovery API keys |
Updated 2 months ago