My goal:
Restrict a user so they only have access to the staging environment, with no visibility or access to production.
Issue:
When we add a new user and assign what appears to be a staging-specific role, the user still defaults to seeing the production environment. We’re unable to isolate them to staging only.
Steps I've taken to troubleshoot:
-
Created a group for staging-only users
-
Granted access to apps and resources inside that group
-
Tested permission levels:
-
With Use permission → user only sees default production, not staging
-
With Edit permission → user can see both staging and production, but also gains edit access (which we do not want)
-
Question:
How can we:
-
Grant view/use access to staging environment
-
Avoid granting edit permissions