Roles and Permissions

The Helpdesk Admins will no longer be able to manage the security operations of your organization. With the new update and additional policies, we have reverted the security permissions of the Helpdesk Admin role and introduced the Security Admin role to cater all security operations. Other permissions of the Helpdesk Admin will remain the same.

Security Admin Role:

As part of our updated policy rollout, we've introduced the Security Admin role - a dedicated role to manage all your organization’s security needs. This role is designed to streamline all security operations of your organization.

Security Admin Role Permissions

Category	Permissions
Users	User Management: View users \| Edit users \| Reset password \| Manage MFA \| Generate backup codes User Email: View user emails \| Edit user emails \| Delete user emails
Groups	Group Management: View groups \| Edit groups \| Add groups \| Delete groups Group Members: View group members \| Edit group role \| Add users to group \| Remove users from group
Security	Conditional Access Policies: Add conditional access policies \| View conditional access policies \| Edit conditional access policies \| Delete conditional access policies Routing Policies: Add routing policies \| View routing policies \| Edit routing policies \| Delete routing policies Security Policies: Add security policies \| View security policies\| Edit security policies \| Delete security policies Identity Providers: Add IdP \| View IdP \| Edit IdP \| Delete IdP

How are Permissions Changed?

The below table explains how the old permissions have been changed to align with the updated policies.

Old Permission	New Permission
View security policies	View security policies
Edit security policies	Edit security policies
Add security policies	Add security policies
Delete security policies	Delete security policies
Change policy status	Edit security policies
Manage password policy	Edit security policies View security policies Delete security policies
Manage allowed IPs	View conditional access policies Edit conditional access policies Delete conditional access policies
Manage web sessions	View routing policies Edit routing policies Delete routing policies
Manage MFA policy	View conditional access policies Edit conditional access policies Delete conditional access policies
View IdPs	View IdPs View routing policies
Edit IdPs	Edit IdPs Edit routing policies
Add IdPs	Edit IdPs Edit routing policies Add IdPs Add routing policies
Delete IdPs	Delete IdPs Delete routing policies
Configure SSO	Edit IdPs Add IdPs Edit routing policies