Manage user roles

Out-of-the-box User Roles

Role-based access management lets you assign one of three out-of-the-box system roles to users. Each role is defined by a scope and privilege type (read-only, read/write).

The table below describes permitted User Roles functionality:

	Admin	Security manager	Auditor
Access Management (Users management, API access keys management, Roles management, SSO setup)	ü
ASMS Integration	ü
Configuration (Sync statistics, Naming convention, Custom fields)	ü
View objects, change requests and activity logs	ü	ü	ü
Connectivity check	ü	ü	ü
Manage object data (Create/Edit/Delete objects)	ü	ü
Import/Export objects to/from CSV	ü	ü

Out-of-the-box role assignments for users in AlgoSec Cloud and ObjectFlow

When a user is created and assigned a built-in role in one SaaS application, the user is created in the other application and assigned a role, as follows.

• Admin role user created in ObjectFlow is Admin in AlgoSec Cloud and vice versa.

• Security manager role user created in ObjectFlow is Auditor in AlgoSec Cloud and vice versa (Security manager role user created in AlgoSec Cloud has Auditor role in ObjectFlow ).

• Auditor role user created in ObjectFlow is Auditor of AlgoSec Cloud and vice versa.

When an existing user's role changes in AlgoSec Cloud :

• From Admin to either Security Manager or Auditor, the corresponding role in ObjectFlow becomes Auditor.

• From Security Manager to Auditor, there is no effect on the user's role in ObjectFlow.

• From Auditor to Security Manager, there is no effect on the user's role in ObjectFlow.

When a user's role changes in ObjectFlow:

• From Admin to either Security Manager or Auditor, the corresponding role in AlgoSec Cloud becomes Auditor.

• From Security Manager to Auditor, there is no effect on the user's role in AlgoSec Cloud.

• From Auditor to Security Manager, there is no effect on the user's role in AlgoSec Cloud.