The permission structure in the Intelligence Center separates permissions in the following groups:

Permissions users require to configure and to manage Intelligence Center settings, features, and functionality.
Permissions users require to access and to consume Intelligence Center data.

Actions and permissions to access and consume data

The following table shows the permissions roles and users require to carry out actions on Intelligence Center data and resources.

	Action	Steps	Permissions
1	View the Intelligence Center dashboard.	In the left navigation bar, select Dashboard .	read entities read extracts read outgoing-feeds read tickets
2	View ingested entities.	In the left navigation bar, go to Search > GO TO SEARCH AND BROWSE > Entities.	read entities
3	View an entity detail pane, including any content in the detail pane tabs.	In the left navigation bar, go to Search > GO TO SEARCH AND BROWSE > Entities, select an entity in the overview, and open the corresponding entity detail pane.	read destinations read entities read extracts read history-events read intel-sets read sources read taxonomies read tickets read workspaces
4	Create a new entity. Edit an existing entity. Delete an existing entity.	In the left navigation bar, go to Search > GO TO SEARCH AND BROWSE > Entities > Create entity + to create a new entity.	modify draft-entities (to save as draft) modify entities read extracts read sources read taxonomies
5	View ingested observables.	In the left navigation bar, go to Search > GO TO SEARCH AND BROWSE > Observables.	read entities read extracts
6	View an observable detail pane, including any content in the detail pane tabs.	In the left navigation bar, go to Search > GO TO SEARCH AND BROWSE > Observables, select an observable in the overview.	read destinations read entities read extracts read intel-sets read tickets read users read workspaces
7	Create a new observable.	In the left navigation bar, go to Search > GO TO SEARCH AND BROWSE > Observables > Create observable +.	modify extracts
8	View manually uploaded files.	In the left navigation bar, go to Search > GO TO SEARCH AND BROWSE > Uploads.	read blob-uploads
9	View an uploaded file detail pane, including any content in the detail pane tabs.	In the left navigation bar, go to Search > GO TO SEARCH AND BROWSE > Uploads, click an uploaded file under Recently uploaded files, and open the corresponding uploaded file detail pane.	read blob-uploads read content-types read entities read source read users
10	Manually upload a file. View an uploaded file detail pane, including any content in the detail pane tabs.	In the left navigation bar, go to Search > GO TO SEARCH AND BROWSE > Uploads tab, and then manually upload a file; or click an uploaded file under Recently uploaded files to open the corresponding uploaded file detail pane.	modify blob-uploads read content-types read entities read groups
11	View datasets.	In the left navigation bar, go to Search > GO TO SEARCH AND BROWSE > Datasets.	read intel-sets
12	View a dataset detail pane, including any content in the detail pane tabs.	In the left navigation bar, go to Search > GO TO SEARCH AND BROWSE > Datasets, select a dataset in the overview, and open the corresponding dataset detail pane.	read entities read intel-sets
13	Create a new dataset. Edit an existing dataset. Delete an existing dataset.	In the left navigation bar, go to Search > GO TO SEARCH AND BROWSE > Datasets > + (Create dataset).	modify intel-sets modify workspaces read workspaces
14	View saved graphs.	In the left navigation bar, go to Graphs > Saved graphs >.	read entities read graphs
15	Create a new graph. Load an existing graph to view it and to edit it. Delete an existing graph.	In the left navigation bar, go to Graphs > Saved graphs > Create graph +.	modify graphs read entities read workspaces
16	View entities created with the Intelligence Center entity editor.	In the left navigation bar, go to Search > GO TO SEARCH AND BROWSE > Entities.	read draft-entities read entities
17	Create a new entity in the entity editor. Edit an existing entity in the entity editor. Delete an entity previously created in the entity editor.	In the left navigation bar, select Create + and create a new entity.	modify draft-entities modify entities modify extracts read draft-entities read entities read extracts read groups
18	View newly discovered entities.	In the left navigation bar, go to Discovery .	read discovery-rules read entities read source
19	View exposed entities.	In the left navigation bar, go to Exposure > Entities.	read entities
20	View an exposed entity detail pane, including any content in the detail pane tabs.	In the left navigation bar, go to Exposure > Entities. select an entity in the overview, and open the corresponding entity detail pane.	read destinations read entities read extracts read history-events read intel-sets read sources read taxonomies read tickets read workspaces
21	Edit an existing exposed entity. Delete an existing exposed entity.	In the left navigation bar, go to Exposure > Entities.	modify draft-entities (to save as draft) modify entities read extracts read sources read taxonomies
22	View exposure settings.	In the left navigation bar, go to Exposure > Settings tab.	read configurations
23	Edit exposure settings.	In the left navigation bar, go to Exposure > Settings tab > Edit exposure settings.	modify configurations
24	View outgoing feed setup for exposure.	In the left navigation bar, go to Exposure > Outgoing feeds tab.	read content-type read outgoing feeds read transports
25	View workspaces.	In the left navigation bar, go to Workspaces .	read graphs read workspaces
26	Create a new workspace. Edit an existing workspace. Delete an existing workspace.	In the left navigation bar, go to Workspaces > Create workspace +.	modify workspaces
27	Add MITRE ATT&CK classifications to entities.	In the entity builder, select + Add ATT&CK classification.	read attack modify entities
28	View and install knowledge packs.	In the left navigation bar, go to Data configuration > Knowledge packs.	install knowledge-packs read knowledge-packs