User management - Administrator Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Cloud Documentation

Product
Cortex XSOAR
Version
8
Creation date
2024-03-07
Last date published
2024-11-14
Category
Administrator Guide
Solution
Cloud
Abstract

Manage users in Cortex Gateway or the Cortex tenant.

You can manage users in Cortex Gateway or the Cortex tenant. At the Users tab in the Permissions page (Cortex GatewayPermission Management+Permissions) or the Users page (Settings & InfoSettingsAccess ManagementUsers) in the tenant, you can see user information, including:

Name

Description

User Type

Indicates whether the user was defined in Cortex using the CSP, SSO using your organization’s IdP, or both CSP/SSO.

Note

If you have migrated local users from Cortex XSOAR 6 and these users are in the Customer Support Portal, these users are designated the PANW IDP user type. For more information, see Migrating users and roles.

Direct Role

Displays the name of the role assigned specifically to the user not inherited from somewhere else, such as a user group.

In Cortex Gateway, select the arrow next to the name of the user to see the user roles and the tenants the user has access to.

In the Cortex tenant, the direct role is the role assigned to the user in the tenant.

When the user has no access permissions assigned specifically to them, the field displays No-Role.

Groups

Lists the user groups to which the user belongs.

If a user is assigned to multiple user groups, which are mapped to different roles, or if the user is assigned to nested user groups, the user inherits the permissions of parent user groups and has the highest level of privileges based on the combination of roles.

Any group imported from Active Directory has the letters AD added beside the group name.

Group Roles

Lists the different group roles based on the groups the user belongs to. When you hover over the group role, the group associated with this role is displayed.

Last Login Time

Last date and time the user accessed the Cortex tenant.

Status

Displays whether the user is Active or Inactive.

Phone number

Relevant only in the Cortex tenant.

Displays the user's phone number. Including the user's phone number enables playbooks and scripts to trigger direct analyst communication by phone.

Considerations for managing users in Cortex Gateway or tenant

Option

Cortex Gateway

Cortex tenant

SSO

Limited to viewing SSO users. You cannot edit SSO users in Cortex Gateway.

Full management of SSO users

Update user details option

N/a

View the user's details and add the user's telephone number.

User Permissions

Global user role management including assigning the Account Admin role, or limiting the user role to the relevant Cortex product/tenant, and adding/removing roles in the Tenant/Gateway.

Note

You must have an Account Admin role to manage users in Cortex Gateway.

Management of predefined and custom user roles on the tenant.

Note

You must have an Account Admin or Instance Administrator role.

Hide users

Users are hidden from the list of users in Cortex Gateway, but can still be viewed in the tenants.

By default, the Show User Subset field is selected, which displays the users not designated as Hidden users. This is useful when you have users not related to Cortex XSOAR and who will not be designated with a Cortex XSOAR role, such as Customer Support Portal Super Users, and you want to hide them from the list.

The user is hidden in the list of users in the tenant, but can still be viewed in other tenants and Cortex Gateway.

In the Cortex tenant under the Actions button, select Hide Hidden Users.

When you hide users in the tenant, they are hidden in the tenant and not in Cortex Gateway.

Deactivate/activate users

Deactivate the user for one or more tenants.

Deactivate the user for the tenant only.