Organizations view

Use the Organizations view to manage access to your software catalog with the same hierarchy as your business units and third-party vendors. This view is structured in a parent-descendant relationship with applications and nested business units.


Access Control

Access is granted by assigning a user a specific role for an organization or application. The user will fill that role for the organization and its descendants. Use the default roles or create custom roles from the system preferences.

See the Role Management documentation for details.
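For an access review, the inheritance rule above can be modeled to list who holds a role on an application and where that role was assigned. This is an added example, not Sonatype code and not a call to the product API; the hierarchy, user names and role names are constructed sample data.

```python
# Constructed sample hierarchy: node -> parent (None marks the top level).
PARENT = {
    "Root Organization": None,
    "Payments BU": "Root Organization",
    "Vendor Acme": "Root Organization",
    "Checkout Team": "Payments BU",
    "checkout-web": "Checkout Team",
    "ledger-svc": "Payments BU",
    "acme-sdk": "Vendor Acme",
}
APPLICATIONS = {"checkout-web", "ledger-svc", "acme-sdk"}

# Constructed direct assignments: (user, role, node the role was granted on).
ASSIGNMENTS = [
    ("alice", "Owner", "Root Organization"),
    ("bob", "Developer", "Payments BU"),
    ("carol", "Developer", "checkout-web"),
    ("vendor-dev", "Developer", "Vendor Acme"),
]

def ancestors(node):
    """Yield the node itself, then each parent up to the top of the hierarchy."""
    seen = set()
    while node is not None:
        if node in seen:
            raise ValueError(f"cycle in hierarchy at {node!r}")
        seen.add(node)
        yield node
        node = PARENT[node]

def effective_roles(app):
    """Every (user, role, source) that applies to app, directly or by inheritance."""
    chain = set(ancestors(app))
    return sorted((u, r, n) for u, r, n in ASSIGNMENTS if n in chain)

def reach(node):
    """Applications covered by a role granted on this node."""
    return sorted(a for a in APPLICATIONS if node in ancestors(a))

def broad_assignments(threshold=2):
    """Grants whose inherited reach covers at least `threshold` applications."""
    return [(u, r, n, reach(n)) for u, r, n in ASSIGNMENTS
            if len(reach(n)) >= threshold]

if __name__ == "__main__":
    for app in sorted(APPLICATIONS):
        print(app, effective_roles(app))
    print("review:", broad_assignments())
```

Grants reported by `broad_assignments` are the ones to check against least privilege, since a single assignment high in the hierarchy reaches every application beneath it.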

Governance Policy

Policies are the rules that define the risk tolerance for your organization's use of open source. Sonatype provides a reference policy set you may use or customize to meet your organization's requirements. Policies are best set at the highest level to be inherited by all organizations and applications. You may narrow the inheritance of certain policies using application categories to scope the policies to a subset of applications.

See Policy Management for details on creating policies.

Adding organizations and applications

Organizations and applications may be added from the side navigation by selecting the plus sign next to the headers. Organization and application names must be unique even when nesting inside other organizations.

The Application ID is used to reference your applications during evaluations using the scanner tools or API.


Applications and organizations may also be added using the API.