Account Admin - Learn more about the Cortex XDR predefined user role called Account Admin. - Administrator Guide - Cortex XDR - Cortex - Security Operations

Cortex XDR 3.x Documentation
Product
Cortex XDR
License
Prevent
Pro
Creation date
2024-03-06
Last date published
2026-06-11
Category
Administrator Guide
Abstract

Learn more about the Cortex XDR predefined user role called Account Admin.

A super user role that is assigned directly to the user in Cortex Gateway and has full access to all Cortex products in your account, including all tenants added in the future. The Account Admin can assign roles to Cortex instances and activate product-specific Cortex tenants.

In Cortex Gateway, the Account Admin can assign roles to Cortex instances and activate product-specific Cortex tenants. This user has the same view/edit permissions in the tenant as the Instance Administrator.

Note

The user who activated the Cortex product is assigned the Account Admin role. You cannot create additional Account Admin roles in the Cortex XDR tenant. If you do not want the user to have Account Admin permission, you need to remove the Account Admin role in Cortex Gateway.

Tip

Assign to the primary platform administrator, typically the security operations director, or designated platform owner. This role should be limited to a very small number of trusted users.

To quickly see exactly which pages and actions a role allows, click on the role name, which opens a read-only view of all checked permissions. For more information about the permissions, see Role permissions by components.