By default Rundeck stores the users and roles on the
realm.properties file. The recommended way to manage users and groups is to configure Rundeck against an
LDAP/
AD server and use the roles/users from there (check
this Docker example), also you can configure
SSO on Rundeck Enterprise. In any case, you need to provide the correct rights via
ACL to give/deny access to your projects and jobs.