Users and Roles Overview - Administrator Guide - 6.9 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
6.9
Creation date
2022-09-29
Last date published
2024-05-22
End_of_Life
EoL
Category
Administrator Guide
Abstract

Manage users, roles, invitations, password policies, and view information about users activities in Cortex XSOAR.

Cortex XSOAR uses role-based access control (RBAC) for controlling user access. RBAC helps manage access to Cortex XSOAR components, so that users, based on their roles, are granted minimal access required to accomplish their tasks.

You can manage the following settings/roles in the USERS AND ROLES tab:

  • View and manage different roles and access permissions in the Roles tab. You can add as many roles as required and change their permission levels, as described in Roles in Cortex XSOAR.

  • View and manage different users in the Users tab. You can view the user’s details such as name, email address, last log in, whether they have been locked out, and so on. You can also manage the user’s password, unlock their account, disable, enable, and remove their account.

  • Invite users and manage invitations, as described in User Invitations. After the user has accepted the invitation you can manage their role in Cortex XSOAR.

  • Assign roles to commands at the integration instance level. This means if you have multiple instances of the same integration, you can assign different roles (permission levels) for the same command in each instance. For more information, see Integration Permissions.

  • View details of actions taken in Cortex XSOAR in the Audit trail.

  • Set a password policy, as described in Password Policy.

You can also authenticate users with Active Directory or with SAML 2.0.

Note

For license purposes only Cortex XSOAR includes the following users:

  • Audit users

  • Full users

For more information about these users, see Licenses.