Users and Roles Management - Administrator Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Cortex XSOAR
Creation date
Last date published
Administrator Guide

Manage users, roles, invitations, password policies, and view information about users activities in Cortex XSOAR.

Cortex XSOAR uses role-based access control (RBAC) to manage roles of specific permissions for controlling user access. RBAC helps manage access to Cortex XSOAR components, so that users, based on their roles, are granted minimal access required to accomplish their tasks.

Any user who has a Customer Support Portal account (CSP) can access Cortex XSOAR. You can manage users' roles through the following:

  • Cortex Gateway: In the Cortex Gateway, select Permission Management. You can define permissions for one or more tenants and users roles generally.

  • Cortex XSOAR: Update users roles by going to Settings & InfoSettingsAccess Management. You can manage users, roles, user groups and single sign on for the particular tenant. In the Access Management section, you can do the following:

    • Configure Single Sign-On Using SAML 2.0 in the Cortex XSOAR Tenant.

    • Manage Users, such as deactivating users, add user roles, import multiple user roles and view user’s details such as name, email address, last log in, user type etc.

    • Create User Groups, which enables you to create groups of users with a defined role.

    • Manage Roles and access permissions in the Roles page. You can add as many roles as required and change their permission levels.

    • Set integration permissions by assigning roles to commands at the integration instance level. If you have multiple instances of the same integration, you can assign different roles (permission levels) for the same command in each instance.


For License purposes only, Cortex XSOAR includes the following users:

  • Audit users

  • Full users

For more information about these users, see Licenses.