About roles and permissions

There are six types of user roles available, each with their own permission levels for available actions. The roles are specified on the Create/Edit User screen.

Administrator — Users with this permission level control the highest-level security and account settings and have access to all data. We recommend that most teams have only a couple of Administrators. The first user to start a new account is given an Administrator role. Administrators added subsequently can change the role of the first user if needed.

Manager — Managers can manage users and handle most administrative tasks, plus create, edit, and permanently delete data within the designated organizations where access is granted.

Editor — Editors can create, edit, and permanently delete data—even data that they themselves didn't create—within the designated organizations where access is granted.

Creator — Creators can create and edit data within the designated organizations where access is granted. Any destructive actions (i.e. permanently deleting data) are prohibited.

Read-only — Users with this permission level can only view data within the designated organizations where access is granted. This role is read-only.

Lite — Users with this permission level can only view data within the designated organizations where access is granted. This role is read-only and is only allowed access to up to five organizations/sub-organizations. This role is ideal for clients you invite into your account.

For reference, the table below summarizes the different permission levels:

Comparing Manager and Administrator roles

Here's a quick overview of the Manager and Administrator roles.

Managers

Managers can perform these administrative actions in the account:

  • Update billing
  • Invite/remove/edit users (except Administrator roles)
  • Manage user groups (except groups that they are not a member of)
  • Create/delete/edit flexible assets
  • Edit the organizational sidebar
  • Enable integrations and features
  • Access sync settings and data management screens associated with PSA and RMM integrations
  • View detailed activity logs 
  • Import data (requires access to all organizations)

Administrators

Administrators have all the same administrative rights and permissions as Managers but with the following additions:

  • Turn on enforced multi-factor authentication (MFA) for all users
  • Turn on single-sign on (SSO) for all users
  • Reset MFA for users
  • Generate API keys for IT Glue API and Warranty Master API
  • Configure GlueConnect
  • View and share the Passwords Accessed report
  • Manage all user groups
  • Import/export data
  • Full visibility to all data; an all-access pass to the account (regardless of access settings)

 

Note

Was this article helpful?
3 out of 3 found this helpful