Assign user roles and groups - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Documentation

Cortex XSIAM
Creation date
Last date published
Administrator Guide

Learn how to assign users to roles and user groups.

After activating your Cortex XSIAM tenant, you can start to manage user roles and permissions. Cortex XSIAM uses role-based access control (RBAC) to manage roles with specific permissions for controlling user access. RBAC helps manage access to Cortex XSIAM components, so that users, based on their roles, are granted minimal access required to accomplish their tasks.

You can manage user roles from the following:

  • Cortex Gateway: Manage roles and permissions for multiple tenants linked to the same Customer Support Portal account.

    When you activate a tenant for the first time, users who were created in the Customer Support Portal will have access to the tenant but will not have a role. The gateway is usually used to assign roles after the activation process. Roles and permissions are applied across all tenants and all Cortex products. You can exclude different tenants or different Cortex products. For more information, see the Cortex Gateway Administrator Guide.

  • Cortex XSIAM Access Management: Manage roles and permissions, and authentication settings for a specific Cortex XSIAM tenant only. For more information, see Manage user access.

Assign roles directly to users or create user groups and assign roles to those groups. We recommend creating user groups (with a user role), and assigning users to those user groups rather than creating direct roles for each user.

Perform additional tasks

For more information about additional tasks such as creating a custom role, modifying a user's role, or removing a user's role, see Manage user access or the Cortex Gateway Administrator Guide.