Creating custom roles

Creating a custom role consists of three or four steps, depending on whether you want to assign users to the role during the creation process:

Step 1: Define the new role's name and description

Step 2: Set permissions for each feature that you want the role to have access to

Step 3: Select the roles that the role can manage

Step 4: Assign users to the new role

Alternatively, you can copy an existing role and modify the permissions.

To create a new custom role:

  1. Log in to the Secure Endpoint Console as a System Administrator.
  2. On the navigation bar, click Settings > User management > Roles.
  3. On the Roles sidebar, click . The Create New Role dialog opens.

  4. On the Define Role and Permissions page:

    1. In the Name field, enter a name for this new role. The following special characters are supported: .(period), ?, /, \, and #.
    2. [Optional] Click Description to add a description for this role.

    3. To ensure that the user can access basic console functionality, including Device Details, select the following permissions:

      • View permissions for Device Fields
      • View permissions for Device reports

    4. To assign additional permissions for the features that you want the role to have access to, do the following:

      • To assign view and export (if applicable) permissions for a feature, select the View checkbox.
      • To assign view, export (if applicable), and edit permissions for a feature, select the Manage checkbox. The View checkbox is selected automatically.
      • To assign Activate, Publish, Run, or Perform permissions for a feature, select the feature's applicable Other Actions checkbox. If a View checkbox is associated with the feature, select it as well.
    5. [Optional] Assign the limits for the number of Device Action requests that can be completed before the request must be authorized.
    6. Click Next.

  5. On the Assign Manageable Roles page, do the following:

    1. Select the checkbox next to each role that you want this role to be able to manage. To select all roles, select the checkbox in the header. Managing a role includes assigning the role to users and editing users assigned to that role.
    2. To allow this role to manage other users assigned to the same role, select the checkbox next to Include new role in the list.

  6. On the Assign Users page, do one of the following:

    • To assign users to this role now:

      1. Use the Search field to search for one or more users.
      2. Select the checkbox next to each user you want to assign to this role.
      3. Click Create Role.
    • To assign users later, click Create Role.
  7. On the confirmation dialog that indicates the custom role was created successfully, click Close. A Role created event is logged to Event History.
  8. If you want other roles to be able to manage the new role you created, edit each role's managed roles.