When a user creates an application and subscribes to an API, a role is created automatically as shown below.
These roles are not assigned any permissions when created. The application is visible only to users of that particular role. For other users to be able to view the application, a user with admin privileges has to assign the role to the users.
To add users or add roles using APIs, you can use the RemoteUserStoreManagerService (an admin service of the WSO2 Carbon platform).