What roles are available?
For users of the Pro, Premium and Vanguard plans you can choose between 'Admin', 'Scan user' and 'Read only'.
What's the difference?
The read-only user has very limited access and is designed for those who just want to see the portal, rather than action anything. This might be a manager or someone new to the team who needs to be onboarded.
| Admin | Scan user | Read-Only |
Add targets | ✅ | ❌ | ❌ |
Add authentications | ✅ | ✅ | ❌ |
Add API schemas | ✅ | ✅ | ❌ |
Edit targets | ✅ | ❌ | ❌ |
Delete targets | ✅ | ❌ | ❌ |
Export targets | ✅ | ✅ | ✅ |
Start one-off scan | ✅ | ✅ | ❌ |
Start/edit/delete a scheduled scan | ✅ | ✅ | ❌ |
Start remediation scan | ✅ | ✅ | ❌ |
Manage scan priorities | ✅ | ✅ | ❌ |
Cancel scans | ✅ | ✅ | ❌ |
Edit scan settings | ✅ | ✅ | ❌ |
View issues | ✅ | ✅ | ✅ |
Snooze/Unsnooze | ✅ | ❌ | ❌ |
Download reports | ✅ | ✅ | ✅ |
Export checks | ✅ | ✅ | ❌ |
Add a user | ✅ | ❌ | ❌ |
Change a user role | ✅ | ❌ | ❌ |
Delete a user | ✅ | ❌ | ❌ |
Add an integration | ✅ | ❌ | ❌ |
Edit an integration | ✅ | ❌ | ❌ |
Delete an integration | ✅ | ❌ | ❌ |
Purchase licenses | ✅ | ❌ | ❌ |
Access Billing section | ✅ | ❌ | ❌ |
Download invoices | ✅ | ❌ | ❌ |
Cancel plan | ✅ | ❌ | ❌ |
Close user account | ✅ | ✅ | ✅ |
How do I assign a role?
When adding a new user to the account; head to Settings > Team > 'Add user':
Once you've added their name and email address, select either Admin, Scan user or Read-only (if you Scan user or re-only, you also have the option to restrict access to specific tags if you're subscribed to Premium or Vanguard), once that's all done hit Add user.
Can I change an existing user's role?
Absolutely, so long as you're an Admin; just head to Account > Settings > Team > locate the user and click ... > Change role
You can then adjust their role and their permissions (if the user is a non-Admin role and you're currently subscribed to Premium/Vanguard):
The change is effective immediately.
NB: Once a user has been changed to 'Read-only' or 'Scan user' the only way to reverse it would be to ask an Admin on the account to update it.