Roles and Permissions

1. Permission Based Deployments

Blue Canvas allows you to configure who is allowed to deploy where.

On a per branch basis, you can select:

  1. Who is allowed to create Deployment Requests.
  2. Who is allowed to review Deployments Requests.
  3. Who is allowed to review their own Deployments Requests.
  4. Who is allowed to execute Deployments Requests.

A user who is allowed to approve a Deployment Requests may review and approve or reject a deployment request. However, they can not execute an actual Deployment unless they have the permission to accept it.

When a user has the ability to create Deployments they can initiate a Deployment from a source org to a target org and trigger validation.

However, they can only approve the Deployment by clicking Quick Deploy and they can only do that if they have permission to deploy to the target org.

To set up permissions, navigate to the Permissions section of the Authentication section in Account Settings.

You can configure which user types are allowed to deploy to which environments on this page.


Default Roles and Permissions

By default, there are three deployment roles in the system, Owners, Release Managers, and the Default Role.

By default everyone is allowed to create, review and execute a deployment, but no one is allowed to review their own deployments.

2. Role Management

To manage roles existing in your team you may go to the Roles section of the Authentication section in Account Settings. You may create, delete and update roles.


You may not remove a role that still has any users in it - in particular the Owner role.

Display name is used in most places, including all drop-downs and combo boxes in the user and permission configuration. Backend name is used in APIs as an identifier, and may eventually appear in links.