Skip to main content

Configure Role-based access control (RBAC)

By default, the SessionGuardian Admin Console includes only one role: Super Admin. This role has full permissions, including the ability to create and manage custom roles.

2394686863.png

Available permissions

You can assign these permissions to custom roles in the SessionGuardian Admin Console.

  • User profile management

    • Create, edit, or delete user profiles

    • View user profiles

    • Invite end users to register a profile photo

    • Invite end users to activate their profile on a device

    • Deactivate user profiles

  • Security and access control

    • Create, edit, or delete security groups

    • Create, edit, or delete projects

    • Create, edit, or delete Instances

  • Monitoring and configuration

    • View dashboard

    • Manage global configurations

    • View and export logs

    • View and export change history

    • View desktop screenshots (evidence)

Create a custom role

  1. In the Admin Console, click Roles.

  2. In the top-right corner, click Create Role.

  3. Set the following role permissions.

    Role name

    Enter a unique role name. (You cannot rename a role after creation.)

    Description

    Optional. Although this field is optional, adding a description helps clarify the role’s purpose and responsibilities.

    Permissions

    Select the necessary permissions from the list below. (Some permissions auto-enable related ones.)

    sg_rbac_002.png
  4. Save your changes.

Modify a role

  1. Click the pencil icon next to the role.

  2. Update the Description or Permissions as needed. (You cannot rename a role.)

  3. Save your changes.

    Result: Changes apply when users log in again.

Delete a role

  1. Click the delete icon next to the role.

  2. If the role is assigned to users, reassign them before deleting.

  3. Read and acknowledge the warning message. (Deletion is permanent.)

    2394489657.png
  4. Click Delete.