Additional Privileges
Learn how to add specific privileges on top of predefined roles.
Even though Infisical supports full-fledged role-base access controls with ability to set predefined permissions for user and machine identities, it is sometimes desired to set additional privileges for specific user or machine identities on top of their roles.
Infisical Additional Privileges functionality enables specific permissions with access to sensitive secrets/folders by identities within certain projects. It is possible to set up additional privileges through Web UI or API.
To provision specific privileges through Web UI:
Click on the
button next to the set of roles for user or identities. -
Add Additional Privileges
in the corresponding section of the permission management modal. -
Fill out the necessary parameters in the privilege entry that appears. It is possible to specify the
andSecret Path
to which you want to enable access. It is also possible to define the range of permissions (View
) as well as how long the access should last (e.g., permanent or timed). -
Click the
button to enable the additional privilege.