For Single Organization

For organizations without sub-organizations, Users and Roles management is straightforward. The following sections outline how admins can manage users and assign roles within a single entity.

By default, your organization is set to Single Organization mode. If your organization requires managing sub-organizations, refer to the Users and Roles Management for Organizations with Sub-Organizations guide.

User Management in a Single Organization

The Users tab lists all users in your organization. This tab is accessible to users with either View Only or Full Access permissions on the User Management role. (see Roles for further details)

Access the Users tab via My Organization > Users to:

  • View and manage all users within the current organization.
  • Invite new users & assigning them roles.
  • Remove users from the organization.
  • Update user roles to ensure appropriate access levels.
  • Transfer the Super Admin role to another Admin (available only to Super Admins).

User Status

  • Pending: User has been invited but hasn't accepted.
  • Active: User has accepted the invitation and can access the Portal.

The first Admin is added to the Organization will be automatically set as Super Admin of the Organization.

Each organization has only one Super Admin. Super Admin can:

  • Update role of other Admins
  • Remove other Admins from the Organization
  • Transfer Super Admin role to another Admin

Super Admin role is available on My OPSWAT Portal only. This role is matched with Admin role in IDaaS.

The role of user in My OPSWAT Portal is different from the role of user in My OPSWAT - Central Management Component.

Role Management in a Single Organization

The Roles feature in My OPSWAT Portal leverages Role-Based Access Control (RBAC) to manage user permissions effectively. This enhances security by ensuring users have access only to the resources necessary for their role, minimizing unnecessary access and improving permission management.

The Roles tab is visible to users with View Only or Full Access permissions on the Role Management role. (see Roles for further details)

Navigate to My Organization > Roles to:

Predefined Roles

My OPSWAT Portal includes three predefined roles to cover core user management needs:

Super Admin

  • Holds the highest level of permissions, with full control over all organizational functions.
  • Each organization can have only one (1) Super Admin, automatically assigned to the first Admin added.
  • Super Admins can transfer their role exclusively to another Admin, ensuring continuity and accountability.

Admin: Has full control over all organizational functions, except for modifying or removing the Super Admin account.

User: Primarily a viewer role, allowing access to organizational information with limited editing and update capabilities.

Custom Roles

If you have Full Access to Role Management, you can create, modify, or delete roles tailored to your organization's needs

Creating a Custom Role

  1. Navigate to My Organization > Roles > Add Role.
  2. Fill in the below fields:
  • Name: Required field, Unique within the organization
  • Description: A short summary describing the role’s purpose.
  • Role Objects & Permissions: Default permissions for all Role Objects are set to "None" but can be customized.

Role Objects and Permissions

Here’s a breakdown of key Role Objects and their permissions:

Role ObjectsNoneView OnlyFull Access

Critical Alert Users

Applies to My Organization > Critical Alert Users tab

No accessView the list of email list subscribed to receive critical alerts.Add or remove email subscriptions for critical alerts.

Event History

Applies to My Organization > Event History tab

No access.Can access and view all recorded events; cannot make changes.-

License Management

Applies to License Management page.

Can see the License Management tab but cannot view organization's licenses.View licenses of the current organization, including functions like Active License and See Full License History.Includes View Only permissions plus the ability to Download Active Deployment Report, Edit license notes and View Organization's MD Cloud License

Organization General Information

Applies to My Organization > General Information tab

No accessView organization's general information.View and update the organization's general information.

Role Management

Applies to My Organization > Roles tab

No accessView the list of roles in your organization; cannot make changes.View and modify roles, including adding, editing, or removing them.

Security Management

Applies to My Organization > Security Management tab

No accessView the security settings; cannot make changes.View and modify security settings

Support Service

Applies to Support page

-Access most support functions, except configuring organization case access.Includes all support functions.

User Management

Applies to My Organization > Users tab

No accessView the list of users within your organization; cannot make changes.Invite or Remove users, change user's role.
For Partner Organization only

License Management - Customer Organizations

Applies to License Management > Customer Organizations tab

No accessView licenses of the customer's organization, including functions like Active License, See Full License History, View Organization's MetaDefender Cloud License, See Customer Note and Partner Note.Includes View Only permissions and adds the ability to Download Active Deployment Report, Edit Partner Note.

Support Service - Customer Organizations

Applies to Partner Organization has at least one linked customer with a Preferred Partner relationship

Cannot submit support cases on behalf on assigned customersSubmit support cases on behalf on assigned customers

Information Roles with Full Access to User Management and Role Management objects in My OPSWAT will be migrated to the other system (IDaaS) as Admin role.

Information: The My OPSWAT Team has removed the rule that "Admins cannot remove other Admins" starting from release 2024.4.1. From this version onward, users who have Full Access permission on User Management can remove all users except the Super Admin.

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard