Roles
Overview
MetaDefender Managed File Transfer has several predefined roles - also referred to as User Type. When MetaDefender Managed File is first accessed, the first user is created as an Administrator. Any local user created afterward must have their role defined during the creation process.
The first created administrator can be deleted, provided there are other administrators present.
Roles and Permissions
Administrator: This role has comprehensive access and can perform any required configuration within the system. Administrators have the ability to release files, but cannot approve them unless they also hold the supervisor role. Additionally, they can download and preview other users' files.
Helpdesk Administrator: This role can manage users (add, remove, edit) and perform administrative tasks within the system. Helpdesk Administrators only have access to their own files.
Auditor: Auditors have access to any file processed by the system. They have visibility into the Processing History, Outbreak Prevention, Audit, Recycle Bin, and Archive. When Supervision is enabled and a file is or was under supervision, its Supervisor History can be viewed.
Global Supervisor: This role is a regular user role with additional permissions. Global Supervisors see all files in the pending approval state and can approve them, making them instantly available without any further steps or stages. They cannot delegate supervisory roles.
User: Users have control over the files they upload, can share files with internal and guest users, and create guest users. Refer to the end-user guide for more details.
Automation Coordinator: This role can create and manage Automated Jobs.
| Admin | Read Only Administrator | IT Helpdesk | Auditor | User | Global Supervisor | Automation Coordinator | |
|---|---|---|---|---|---|---|---|
| Processing History | Full | Filename and tag | N/A | Full [1] | N/A | N/A | N/A |
| Users | Full | View | Create / Remove / Edit | Self created External / Guest | Self created External / Guest | Self created External / Guest | N/A |
| Supervisor | Full | View | Process Setup | N/A | When Supervisor | Full [5] | When Supervisor |
| Outbreak Prevention | Full | View | Full | Full [2] | N/A | N/A | N/A |
| Trusted Network | Full | View | Full | N/A | N/A | N/A | N/A |
| Notifications | Full | View | Full | N/A | N/A | N/A | N/A |
| Audit | Full | View | Full | Full [2] | N/A | N/A | N/A |
| Recycle Bin / Archive | Full | View | Own files | Full [3] | Own files | Own files | Own Files |
| Settings | Full | View | Full [4] | N/A | N/A | N/A | N/A |
| SFTP Integrations | Full | View | Full | N/A | N/A | N/A | View them at Jobs |
| MFT Integrations | Full | View | Full | N/A | N/A | N/A | View them at Jobs |
| Jobs | Full | N/A | Full | N/A | N/A | N/A | Full |
| My Credentials | Full | N/A | Full | N/A | N/A | N/A | Full |
[1] Full - But without Revoke/Approve/Delete/Permanently Delete/Archive File
[2] Full - But without Settings
[3] Full - But without Restore/Delete/Permanently Delete
[4] Full - But without API keys
[5] Full - Without the ability to delegate other supervisors
For the last local administrator the role cannot be changed
When an existing user's role is changed to Automation Coordinator, they will no longer be able to manage any guest or external users they had previously created.