Configure roles in the Cortex XSOAR tenant.
You can assign the following permissions to various components in Cortex XSOAR:
Permission | Description |
---|---|
None | No access to the specified component. |
View | View, but not edit the specified component. |
View/Edit | View and edit the specified component. |
Out-of-the-box roles
Cortex XSOAR includes the following out-of-the-box roles:
Role | Type | Description |
---|---|---|
Account Admin | Predefined | The user who supplied their credentials when installing Cortex XSOAR is assigned the Account Admin role. This user has view/edit permissions for all components and access to all pages in the Cortex XSOAR tenant (the same view/edit permissions as the Instance Administrator). You cannot create additional Account Admin roles in Cortex XSOAR. You cannot edit this role. You can copy the role by saving it as a new role and then change permissions. |
Instance Administrator | Predefined | View/edit permissions for all components and access to all pages in the Cortex XSOAR tenant. The Instance Administrator can also assign the Instance Administrator role to other users on the tenant. If the application has predefined or custom roles, the Instance Administrator can assign those roles to other users. You cannot edit this role. You can copy the role by saving it as a new role and then change permissions. |
Analyst | Custom | A mix of view and view/edit permissions for all components and access to all pages in the Cortex XSOAR tenant. |
Read-Only | Custom | Read permissions for all components and pages in the Cortex XSOAR tenant. |
Note
By default, users do not have roles assigned. If no direct or user group role has been assigned, users have no permission to view or edit data in Cortex XSOAR.
Next steps
Before you start creating or customizing roles, do the following:
Review the Role-based permissions topic.
Decide whether you want to assign roles to users directly or through membership in user groups (recommended) in the Cortex XSOAR tenant.