Postmortem permissions seem to have changed

There seems to be a change lately (either by me, or by PD) that updated the permissions on the postmortem pages. My users are set to “Restricted” at the global level, and Responder at the Team level. About 1-2 weeks ago, they all suddenly lost the ability to open/edit/create postmortems.

They get an 403 error:

And today, it seems that they are not even able to get to the postmortem page at all.

Any insights as to what happened?

Hi Jarrett,

Check out our docs here on what role you need to have to allow Access to postmortems. Currently this is set to Observer level at the minimum.


Thanks, John,

The challenge is that if I give them Observer at that level, they can see all incidents from all teams, correct? That defeats the purpose of having teams, as some of the teams have special security implications if their incidents are exposed.

Any ideas on that?

Hi Jarret,

We’ve recently implemented base role permissions on the postmortems which require observer base roles or higher to access all postmortems. Previous to the recent change, restricted users had access to view and edit all postmortems regardless of team permissions.

Respecting team permissions would be the next step with accessing postmortems which we hope to be available in a future update.

Excellent! I thought I was going crazy and I had changed something. I appreciate the update, that is great. I have temporarily updated my user’s base rights and await future updates to the postmortems.