About Profiles

A profile is assigned to each user account within an organization and determines the permissions available to that user in that context.

This topic provides a general overview of how profiles work in TheHive.

Profile types

Two types of profiles are available in TheHive:

• Administration: Reserved for users who belong to the Admin organization
• Organization: Used for all users across Non-Admin organizations

Profile permissions

Each profile contains a set of permissions that define what users can do within the platform.

Permissions follow the format manageEntity, where Entity represents a specific component of the application. For example, the manageCase permission allows users to create, update, and delete cases.

Predefined profiles

TheHive includes a set of predefined profiles:

• Analyst
• Admin
• Org-admin
• Read-only

These profiles can't be modified or deleted—except for the analyst profile.

Gold Platinum This set can be extended by creating custom profiles tailored to specific needs.

Licensed vs. unlicensed profiles

5.4.3

TheHive separates permissions into two types for organization-type profiles:

• Licensed: Consume a Gold or Platinum license
• Unlicensed: Don't affect license usage

These permissions don't require a license:

• manageDashboard
• manageUser
• manageConfig
• manageKnowledgeBase

When creating or editing a profile, licensed permissions are clearly marked to help identify which ones affect license usage. When assigning a user to an organization, profiles that include at least one licensed permission are also marked accordingly.

All permissions included in administration-type profiles don't require a license.

Permissions

Required permissions

Only users with an admin-type profile that has the manageProfile permission can manage permission profiles in TheHive.

Next steps

• Create a Profile
• Add or Remove Permissions from a Profile
• Delete a Profile