Juniper Apstra provides four system-defined user roles that are available in the Apstra GUI
environment. They are: administrator, device_ztp, viewer, and user1. Based on the web search
results, we can infer the following statements:
viewer: This role includes permissions to only view various elements in the Apstra system, such as
blueprints, devices, design, resources, external systems, platform, and others. Users with this role
cannot create, edit, or delete any element12.
user: This role includes permissions to view and edit various elements in the Apstra system, such as
blueprints, devices, design, resources, external systems, platform, and others. Users with this role
cannot create or delete any element12.
authorized: This is not a system-defined user role in Juniper Apstra. It is a term used to describe users
who have been authenticated by an external system, such as LDAP, Active Directory, TACACS+, or
RADIUS3.
root: This is not a system-defined user role in Juniper Apstra. It is a term used to describe the
superuser account on a Linux system, which has full access to all commands and files. Creating a user
in the Apstra GUI does not provide that user access to the Apstra platform via SSH. To access the
Apstra platform via SSH, you must create a local Linux system user4. Reference:
User / Role Management Introduction
User/Role Management (Platform)
AAA Providers
User Profile Management
