Assigning users to a role

This topic is not applicable if you're working in a child account within a pan-tenant environment. User roles are managed from the parent account.

From the Roles area, you can assign one or more users to a role. Note that users can only be assigned one role at a time. Assigning a user to a role removes their original role assignment.

To assign users to a role, you need to have the appropriate permissions to work with that role. For example, Security Power Users can assign users to Guest User or Power User roles only.

If SCIM integration is enabled, users are managed in your IdP. Any role changes you make will be overwritten by the next sync from your IdP. The exception is the System Administrator role. If you assign this role to a user, it is not overwritten.

To assign users to a role:

1. Log in to the Secure Endpoint Console as a user with Assign permissions for Users and View permissions for Roles.
2. On the navigation bar, click Settings > User management > Roles.

3. On the Roles sidebar, click the role you want to assign users to.

4. Click Edit.
5. On the Assign Users page, select the checkbox next to each user with an Active status that you want to assign to the role. If a icon shows when you hover over a checkbox, the user is already assigned to the role.
6. Click Save.

The user is added to the list on the Assigned Users page for this role, and a User updated event is logged to Event History.