When adding a new team member, you can assign a User role to manage what actions they can execute. For those an Enterprise plan, you can go one step further and set Permissions to limit the targets they can access.
What Roles are available?
For users of the Cloud, Pro, Enterprise, and Vanguard plans, you can choose between 'Admin', 'Scan user', and 'Read only'. (Tag-restrictions are only applicable to scan and read-only users):
(For a detailed breakdown of what each role can do, head to this article.)
What are user Permissions?
If you are on the Enterprise or Vanguard plan, and a user is allocated a Scan User or Read-Only role, then this will allow you to select Permissions. This is a control that allows you to restrict the tags that the user is able to see or perform actions on:
How do I assign tags to targets?
It's easy - head to this article to see how it's done.
How do I assign tags to a new user?
When adding a new user to the account, head to Settings > User > 'Add a user':
Once you've added their name and email address and chosen the role:
Select '
Restrict access to specific tags'Select the tags associated with the targets you want the user to see.
Click '
Add user'
How do I assign tags to an existing user?
Head to Settings > Users > hit Edit:
Then:
Ensure the user is either a scan user or read-only.
Select select '
Restrict access to specific tags,' under permissions.Select the tags.
Press '
Save'.
Can I manage a user's visibility from the tags page?
If you're an admin, absolutely!
Simply head to Targets > Tags > Users (and edit accordingly) > hit Save changes:
What does restricted visibility look like?
All pages will appear pretty much the same, just restricted to the targets that a user has permission to view.
The only notable difference is the dashboard, which doesn't include the activity feed for restricted users:
