Managing User Roles
This topic describes user roles within managed accounts that permit different levels of access privilege.
When logged into a partner account, you can assign user roles to control the actions and permissions of users in managed accounts. This table summarizes each user role and its supported functionality, indicated by a ✓.
Only a partner account user with Company Admin privileges can create managed accounts and onboard managed account users.
|Create managed account||✓|
|Onboard managed account users||✓|
|Update a service||✓||✓||✓|
|Lock and unlock services||✓|
|Create, view, and edit service keys||✓||✓||✓|
|Create, view, and update users||✓|
|Update user details||✓||✓||✓||✓||✓||✓|
Here are some details to consider when creating user roles:
- Company Admin – We recommend limiting the number of Company Admin users to only those who require full access, but defining at least two Company Admin users for redundancy.
- Technical Admin – This role is for technical users who know how to create and approve orders.
- Technical Contact – This role is for technical users who know how to design and modify services but don’t have the authority to approve orders.
- Finance – Finance users should have a financial responsibility within the organization while also understanding the consequences of their actions if they delete or approve services.
- Financial Contact – This user role is similar to the Finance role without the ability to place and approve orders, delete services, or administer service keys.
- Read Only – Read Only is the most restrictive role. Note that a Read Only user can view service details which you may want to keep secure and private. A user with the read-only role can view service details which might contain information about the service that you want to keep secure and private.
You can add user roles when you create a new user, or you can edit user information to change their role. For details about adding a new user, see Adding and Modifying Managed Account Users.
To edit user credentials, you need Company Admin privileges.
To manage user roles and permissions
- Log in to a partner account with Company Admin privileges.
Choose Company > Manage Users.
The Manage Users page appears. This page lists existing users and you can add a new user or edit existing user privileges and contact information.
Click Edit to modify an existing user’s role or click New User (at the bottom of the page) to set up a new user and define their role.
- Select the role for the user.
- Click Save.