Manage User Roles

User roles let you manage access to the Umbrella dashboard, limiting access based on the needs of your organization. You assign user roles to administrators through Manage Accounts. The access limitations you assign to administrators can be either one of Umbrella's default roles or a custom role that you create through the User Roles page.

Default roles are:

  • Full Admin—Grants full access to the Umbrella dashboard, including the ability to create and assign new roles.
  • Read-Only—Grants limited Umbrella dashboard access. A user can only view pages and reports. Functionality, including buttons, may not be displayed or available. A user can access Investigate (if applicable), but not create/delete API tokens.
  • Block Page Bypass—Grants user the ability to bypass pages that are otherwise blocked by Umbrella policies. It does not allow a user to edit policies or view reports. There is also only limited access to the dashboard.
  • Reporting Only—Limits Umbrella dashboard access to viewing and running reports.
  • Investigate Only—Limits access to Investigate only.
  • Security Administrator—Grants the same access as the Full Admin, but does not have access to Data Loss Prevention (DLP) classifications, DLP policies, the DLP Report, or the web policy tester. In addition, the Security Administrator role does not have permission to selectively enable the Secure Web Gateway (SWG) for the AnyConnect Roaming Security Module or Cisco Secure Client.

Hide Identities with De-identification < Manage User Roles > Add a New User