Security Roles allow you to custom-craft specific permissions for the users loaded into your CloudRadial tenant. Permissions affect the overall visibility and general functionality of each and every feature within your portal.
Adding a new role means having complete control over the experience and capabilities of a user to work within your portal. Please note that:
- You can add up to 6 custom roles for a total of 10 with CloudRadial CSA Starter and Pro
- The remaining 4 roles are system default roles. You can learn more about them here.
- CloudRadial Enterprise plans can create unlimited roles
- CloudRadial Portal 365 does not have customizable roles
Read the article below to learn how to add, modify, clone, and review Security Roles for your users.
-
How to Add a Security Role
- How to Clone Security Roles
- Assigning Security Roles to Users
- Reviewing Security Roles at Scale
How to Add a Security Role
To add a new Security Role:
- Navigate to Partner > Security within CloudRadial CSA
- Select the Roles tab at the top
- Select + Add Role at the top right
- Enter in your preferences (explained in detail below)
- Select Submit at the bottom once your role is structured the way you like it.
Role Settings
-
Name and Description fields help you keep track of what the role does and who it's for. Be concise and descriptive to help you manage roles at scale.
- The Default Role checkbox enables the role you're creating to be the go-to for all new users. Read more about default roles here.
Impersonation Permissions
-
Impersonate User - Allows users to impersonate other users with User-level permissions, specifically those without access to the Partner tab and those not in an Admin user group.
-
Use Case: Give this to your key contacts in a specific company to allow them to impersonate users and let them take actions, such as submitting on their behalf (such as in co-managed situations).
-
Use Case: Give this to your key contacts in a specific company to allow them to impersonate users and let them take actions, such as submitting on their behalf (such as in co-managed situations).
-
Impersonate Admin - Allows users to impersonate Companies with a generic administrator permission. This will NOT allow users to impersonate administrators. Users must have access to Partner > Clients to be able to impersonate a specific company.
-
Use Case: This can be given to users in the Partner company (ex: an MSP account manager) who need to access their clients for management purposes.
- This level of impersonation will grant them access to view what an admin sees in the impersonated company
-
Use Case: This can be given to users in the Partner company (ex: an MSP account manager) who need to access their clients for management purposes.
-
Impersonate Admin (All Features) - Allows users to impersonate Companies with an administrator permission that can see ALL features of the portal, and not just what's enabled in the feature set. This will NOT allow users to impersonate administrators. Users must have access to Partner > Clients to be able to impersonate a specific company.
-
Use Case: This can be given to users in the Partner company (ex: an MSP account manager) who need to access their clients for management purposes.
- This level of impersonation will grant them access to view what an admin sees in the impersonated company.
- Useful in instances where an account manager is managing a client and needs to access soemthign otherwise disabled in the feature set.
-
Use Case: This can be given to users in the Partner company (ex: an MSP account manager) who need to access their clients for management purposes.
Module Permissions
Select the specific level of permissions to each module (sidebar option) that the users assigned this role will have. For reference:
-
No Access- No rights to this module. The module won't appear in the sidebar.
-
Read - View only rights to the content within the module.
-
Write - Ability to add content and then edit or delete content the specific user has created. Content created by the users with this permission can be assigned to users within that company, by using User Groups
-
Delete - Ability to add or edit any company-level content.
- Note: This permission level can break subscription-based content.
- See Understanding Broken Content (And How To Fix It) – CloudRadial
- Full - Ability to add or edit any content, including content that is Partner-managed.
How to Clone Security Roles
In some instances, you may wish to tweak an existing security role. To do so, you can simply edit the role from the Partner > Security > Roles (tab) page and have the changes reflected upon submission of changes, and a refresh on the user's page.
However, if you wish to clone a role to save time, you can do so using an existing role as a template.
- This is possible only if you have a free role slot to experiment with. Keep in mind that CloudRadial versions are limited to 10 total roles with the exception of CSA Enterprise, which has unlimited roles.
To clone a security role:
- Navigate to Partner > Security within CloudRadial CSA or Portal 365
- Select the Roles tab at the top
- Select the Role you wish to modify
- Select the Save As option at the top right of the role
- You will be prompted to name the copied role
- You will be prompted to name the copied role
- Select the Submit button to make a copy of the role
This role will be identical to the copied role, allowing you to modify it without having to edit or mirror the original role manually.
Assigning Security Roles to Users
Once you have created your role(s), you will want to assign them to your users. There are several strategies to this assignment - from simple to more complex, large-scale assignments. These options are flexible in CloudRadial and allow you to choose how to deploy your roles to fit your needs.
To learn more about role assignments and their best practices, please see this article.
Reviewing Security Roles at Scale
When you have created multiple security roles, it can be helpful to periodically review the roles available to ensure that they're meeting your client management needs.
Simply navigating to Partner > Security > Roles (tab) will show you an overview of your roles, as well as the following information in the grid:
- Role Name
- Description
- Number of Assigned Users
-
Access Levels to Modules
- Partner Module
- Client Admin Modules
-
Portal Modules
- The grid will display their highest level of access to the respective module and whether that highest level is Read, Write, Delete, Full, or blank for none.
You can also download an Excel file using the Download button at the top right for easier sorting and visibility.
Comments
0 comments
Article is closed for comments.