Configure Role-based access control (RBAC)
By default, the SessionGuardian Admin Console includes only one role: Super Admin. This role has full permissions, including the ability to create and manage custom roles.
![]() |
Available permissions
You can assign these permissions to custom roles in the SessionGuardian Admin Console.
User profile management
Create, edit, or delete user profiles
View user profiles
Invite end users to register a profile photo
Invite end users to activate their profile on a device
Deactivate user profiles
Security and access control
Create, edit, or delete security groups
Create, edit, or delete projects
Create, edit, or delete Instances
Monitoring and configuration
View dashboard
Manage global configurations
View and export logs
View and export change history
View desktop screenshots (evidence)
Create a custom role
In the Admin Console, click Roles.
In the top-right corner, click Create Role.
Set the following role permissions.
Role name
Enter a unique role name. (You cannot rename a role after creation.)
Description
Optional. Although this field is optional, adding a description helps clarify the role’s purpose and responsibilities.
Permissions
Select the necessary permissions from the list below. (Some permissions auto-enable related ones.)
Save your changes.
Modify a role
Click the pencil icon next to the role.
Update the Description or Permissions as needed. (You cannot rename a role.)
Save your changes.
Result: Changes apply when users log in again.
Delete a role
Click the delete icon next to the role.
If the role is assigned to users, reassign them before deleting.
Read and acknowledge the warning message. (Deletion is permanent.)
Click Delete.