Managing User Roles

This topic describes user roles within managed accounts that permit different levels of access privilege.

When logged into a partner account, you can assign user roles to control the actions and permissions of users in managed accounts. This table summarizes each user role and its supported functionality, indicated by a .


Only a partner account user with Company Admin privileges can create managed accounts and onboard managed account users.

Company Admin
Company Admin
Technical Admin
Technical Admin
Technical Contact
Technical Contact
Financial Contact
Financial Contact
Read Only
Read Only
Create managed account
Onboard managed account users
Create services
Delete services
Design services
Update a service
View services
Lock and unlock services
Create, view, and edit service keys
View usage
Create, view, and update users
Update user details

Here are some details to consider when creating user roles:

  • Company Admin – We recommend limiting the number of Company Admin users to only those who require full access, but defining at least two Company Admin users for redundancy.
  • Technical Admin – This role is for technical users who know how to create and approve orders.
  • Technical Contact – This role is for technical users who know how to design and modify services but don’t have the authority to approve orders.
  • Finance – Finance users should have a financial responsibility within the organization while also understanding the consequences of their actions if they delete or approve services.
  • Financial Contact – This user role is similar to the Finance role without the ability to place and approve orders, delete services, or administer service keys.
  • Read Only – Read Only is the most restrictive role. Note that a Read Only user can view service details which you may want to keep secure and private. A user with the read-only role can view service details which might contain information about the service that you want to keep secure and private.

You can add user roles when you create a new user, or you can edit user information to change their role. For more information about adding a new user, see Adding and Modifying Managed Account Users.


To edit user credentials, you need Company Admin privileges.

To manage user roles and permissions

  1. Log in to a partner account with Company Admin privileges.
  2. Choose Company > Manage Users.

    Manage Users option in the Company menu

    The Manage Users page appears. This page lists existing users and you can add a new user or edit existing user privileges and contact information.

    Manage Users page showing that you can manage user roles and permissions by clicking Edit next to each user.

  3. Click Edit to modify an existing user’s role or click New User (at the bottom of the page) to set up a new user and define their role.

  4. Select the role for the user.
  5. Click Save.