For Single Organization
- User type: Organization user
- Role:
- View Only/Full Access on User Management
- View Only/Full Access on Role Management
For organizations without sub-organizations, Users and Roles management is straightforward. The following sections outline how admins can manage users and assign roles within a single entity.
By default, your organization is set to Single Organization mode. If your organization requires managing sub-organizations, refer to the Users and Roles Management for Organizations with Sub-Organizations guide.
User Management in a Single Organization
The Users tab lists all users in your organization. This tab is accessible to users with either View Only or Full Access permissions on the User Management role. (see Roles for further details)
Access the Users tab via My Organization > Users to:
- View and manage all users within the current organization.
- Invite new users & assigning them roles.
- Remove users from the organization.
- Update user roles to ensure appropriate access levels.
- Transfer the Super Admin role to another Admin (available only to Super Admins).
User Status
- Pending: User has been invited but hasn't accepted.
- Active: User has accepted the invitation and can access the Portal.
The first Admin is added to the Organization will be automatically set as Super Admin of the Organization.
Each organization has only one Super Admin. Super Admin can:
- Update role of other Admins
- Remove other Admins from the Organization
- Transfer Super Admin role to another Admin
Super Admin role is available on My OPSWAT Portal only. This role is matched with Admin role in IDaaS.
The role of user in My OPSWAT Portal is different from the role of user in My OPSWAT - Central Management Component.
Role Management in a Single Organization
The Roles feature in My OPSWAT Portal leverages Role-Based Access Control (RBAC) to manage user permissions effectively. This enhances security by ensuring users have access only to the resources necessary for their role, minimizing unnecessary access and improving permission management.
The Roles tab is visible to users with View Only or Full Access permissions on the Role Management role. (see Roles for further details)
Navigate to My Organization > Roles to:
- Assign predefined Roles (Super Admin, Admin, User).
- Create and manage custom roles with specific permissions.
Predefined Roles
My OPSWAT Portal includes three predefined roles to cover core user management needs:
Super Admin
- Holds the highest level of permissions, with full control over all organizational functions.
- Each organization can have only one (1) Super Admin, automatically assigned to the first Admin added.
- Super Admins can transfer their role exclusively to another Admin, ensuring continuity and accountability.
Admin: Has full control over all organizational functions, except for modifying or removing the Super Admin account.
User: Primarily a viewer role, allowing access to organizational information with limited editing and update capabilities.
Custom Roles
If you have Full Access to Role Management, you can create, modify, or delete roles tailored to your organization's needs
Creating a Custom Role
- Navigate to My Organization > Roles > Add Role.
- Fill in the below fields:
- Name: Required field, Unique within the organization
- Description: A short summary describing the role’s purpose.
- Role Objects & Permissions: Default permissions for all Role Objects are set to "None" but can be customized.
Role Objects and Permissions
Here’s a breakdown of key Role Objects and their permissions:
| Role Objects | None | View Only | Full Access |
|---|---|---|---|
Critical Alert Users Applies to My Organization > Critical Alert Users tab | No access | View the list of email list subscribed to receive critical alerts. | Add or remove email subscriptions for critical alerts. |
Event History Applies to My Organization > Event History tab | No access. | Can access and view all recorded events; cannot make changes. | - |
License Management Applies to License Management page. | Can see the License Management tab but cannot view organization's licenses. | View licenses of the current organization, including functions like Active License and See Full License History. | Includes View Only permissions plus the ability to Download Active Deployment Report, Edit license notes and View Organization's MD Cloud License |
Organization General Information Applies to My Organization > General Information tab | No access | View organization's general information. | View and update the organization's general information. |
Role Management Applies to My Organization > Roles tab | No access | View the list of roles in your organization; cannot make changes. | View and modify roles, including adding, editing, or removing them. |
Security Management Applies to My Organization > Security Management tab | No access | View the security settings; cannot make changes. | View and modify security settings |
Support Service Applies to Support page | - | Access most support functions, except configuring organization case access. | Includes all support functions. |
User Management Applies to My Organization > Users tab | No access | View the list of users within your organization; cannot make changes. | Invite or Remove users, change user's role. |
License Management - Customer Organizations Applies to License Management > Customer Organizations tab | No access | View licenses of the customer's organization, including functions like Active License, See Full License History, View Organization's MetaDefender Cloud License, See Customer Note and Partner Note. | Includes View Only permissions and adds the ability to Download Active Deployment Report, Edit Partner Note. |
Support Service - Customer Organizations Applies to Partner Organization has at least one linked customer with a Preferred Partner relationship | Cannot submit support cases on behalf on assigned customers | Submit support cases on behalf on assigned customers |