What roles are available?
For users of the Cloud, Pro, Enterprise, and Vanguard plans you can choose between 'Admin', 'Scan user' and 'Read only'.
What's the difference?
The read-only user has very limited access and is designed for those who just want to see the portal, rather than action anything. This might be a manager or someone new to the team who needs to be onboarded.
| Admin | Scan user | Read-Only |
Add targets | ✅ | ❌ | ❌ |
Add authentications | ✅ | ✅ | ❌ |
Add API schemas | ✅ | ✅ | ❌ |
Edit targets | ✅ | ❌ | ❌ |
Delete targets | ✅ | ❌ | ❌ |
Export targets | ✅ | ✅ | ✅ |
Start one-off scan | ✅ | ✅ | ❌ |
Start/edit/delete a scheduled scan | ✅ | ✅ | ❌ |
Start remediation scan | ✅ | ✅ | ❌ |
Manage scan priorities | ✅ | ✅ | ❌ |
Cancel scans | ✅ | ✅ | ❌ |
Edit scan settings | ✅ | ✅ | ❌ |
View issues | ✅ | ✅ | ✅ |
Snooze/Unsnooze | ✅ | ❌ | ❌ |
Download reports | ✅ | ✅ | ✅ |
Export checks | ✅ | ✅ | ❌ |
Add a user | ✅ | ❌ | ❌ |
Change a user role | ✅ | ❌ | ❌ |
Delete a user | ✅ | ❌ | ❌ |
Add an integration | ✅ | ❌ | ❌ |
Edit an integration | ✅ | ❌ | ❌ |
Delete an integration | ✅ | ❌ | ❌ |
Purchase licenses | ✅ | ❌ | ❌ |
Access Billing section | ✅ | ❌ | ❌ |
Download invoices | ✅ | ❌ | ❌ |
Cancel plan | ✅ | ❌ | ❌ |
Close user account | ✅ | ✅ | ✅ |
How do I assign a role?
When adding a new user to the account: click your profile > Users > Add a user:
Once you've added their name and email address, select either
Admin,Scan userorRead-onlyfor the Role.If you choose
Scan userorRead-onlyfor the role, you also have the option to restrict access to specific tags (if you're subscribed to Enterprise or Vanguard).Once that's all done hit
Add user.
Can I change an existing user's role?
Absolutely, so long as you're an Admin; just head to your profile > Settings > Users > click ... > Edit:
You can then adjust their role and their permissions (if the user is a non-Admin role and you're currently subscribed to Enterprise/Vanguard):
The change is effective immediately.
NB: Once a user has been changed to 'Read-only' or 'Scan user' the only way to reverse it would be to ask an Admin on the account to update it.