On Pega (Government Platform) 8.4.4. We use SAML SSO, and new Operators are created automatically using a model operator.
SAs are assigned the "Author" access group in our standard base app after creation, and they can create new applications, which is good. However, they can create and modify operators as well. I would like to remove that ability from the Author access group.
It appears that the Author access group is based on [standard base app].Administrator and PegaRULES:SecurityAdministrator roles. If I remove PegaRULES:SecurityAdministrator from the Author access group, will that do the trick? Or is my whole approach flawed?
Thanks in advance.
***Edited by Moderator Marissa to add Capability tags***