The Access Control List (ACL) in Spectrum Spatial is a list of permissions attached to named resources or to folders in the Spectrum Spatial repository. Permissions can be granted to enable users to render maps, query or edit features, or to manage folders and resources within the repository. Permissions can be assigned to either users or roles. Users will inherit all of the permissions from the roles to which they belong.

The way permissions are defined has been fully revised in this version. When upgrading previous versions of Spectrum, the permissions will be migrated to the new model. Also new in this release, it is now also possible to grant permissions on repository folders to allow users other than admin to manage specific folders in the repository. Users with these permissions are referred to as sub-admins. A new ACL service API has been provided to facilitate listing, adding, and removing permissions. In future releases of Spectrum, a new User Interface in Spectrum Spatial Manager will be provided to manage permissions, which will replace the UI in the Spectrum Management Console. At this time sub admins will also be able to log into and use Spectrum Spatial Manager. In this release sub admins are only able to manage resources and their ACL via the REST APIs.

The management of users and roles is still undertaken using the Spectrum Management Console. The ACL service does not provide operations for managing users or roles.