Skip to main content
Question

Technical User with "non-admin" role vs Quality seal

  • June 5, 2026
  • 3 replies
  • 17 views
Fab
Forum|alt.badge.img

Hi all, 

General question concerning the expected behavior of the Integration Users vs Quality Seal. 

As Admins ( UI users) can change any fact sheets without breaking the quality seal. And Admins (technical users) can change fact sheets without breaking the quality seal. 

If my technical user is a “member” (i.e.not Admin) with limited scope on only specific fact sheets and updates fact sheets using APIs, will it break the quality seal? 

 

I'm a bit cautious in using Admin in integrations as those users should normally only have scopes to manipulate fact sheets and nothing else. 

Fabien

    3 replies

    abenedete
    • abenedete
    • Rookie
    • June 5, 2026

    I am actually facing this challenge right now.

    I created an automation (using a technical user associated to a role that can ONLY update a few attributes only in the Application fact sheet, using APIs, at weekly base.

    But it is breaking the quality seal 😢

    I wonder if there is a parameter in the API call to avoid that (or maybe an attribute we could create associated to the technical user).

     

    Fab
    Forum|alt.badge.img
    • Fab
    • Author
    • Veteran
    • June 5, 2026

    I am actually facing this challenge right now.

    I created an automation (using a technical user associated to a role that can ONLY update a few attributes only in the Application fact sheet, using APIs, at weekly base.

    But it is breaking the quality seal 😢

    I wonder if there is a parameter in the API call to avoid that (or maybe an attribute we could create associated to the technical user).

     

    OK then perhaps the user has to be ADMIN + Restricted Customer Role. The caveat is that the integration user is opened to much more than the fact sheets scopes… :-/

    Unless the integration user puts back the Quality Seal to Approved, which then creates unnecessary events.

    Wondering what is the best practice here… 

    Fabien
    abenedete
    • abenedete
    • Rookie
    • June 5, 2026

    I may try that (ADMIN)… but I am not comfortable (I tried to remove all permissions from that custom role as possible)… but I am not sure what may still be opened (if I set it to ADMIN).

    The integration should not just set it to “approved”, it should retrieve the original state and try to preserve it (too much additional work, and it may fail).

    Terms & ConditionsAccessibility statement