Instance level access control determines which BlackBerry® Pushcast™ Software users have permission to perform tasks on content, such as editing and assigning content. When a BlackBerry Pushcast Software user accesses a specific function, such as running a report, in the BlackBerry Pushcast Console through a role that you assign to them, the instance level access control determines what content the user has permission to access and perform tasks on.

Instance level access control only permits BlackBerry Pushcast Software users to assign roles to other users with permissions that are equal to or more restrictive than the users' own roles and permissions. For example, an organization's environment has three groups: group 1, group 2, and group 3. You assign the Administrator Role to user A so that user A can manage group 1 and group 2. User A cannot permit user B to manage group 3 because user A does not have the permission to manage group 3.