VULNERABILITY DIGEST FROM ACTION1

Patch Tuesday and third-party updates | This Wednesday | 12 PM EST / 6 PM CET

Action1 5 Documentation 5 Users and Roles

Users and Roles

 

Managed Service Providers and larger enterprises are encouraged to use the multi-tenancy in Action1 – create several organizations within your Action1 account and organize managed endpoints around them. To share access to organizations’ data and settings with your co-workers, Action1 enables you to invite users and assign roles.

Understanding Roles

By default, the user who creates the first organization becomes both the Organization admin and Enterprise admin. Unless there are multiple organizations, the chief administration role is displayed just as “Admin”.

Action1 comes with preset roles and each role provides rights to a limited scope of Action1 functionality. It enables you to grant access to data specifically needed by the user’s position and establish a “least privilege” model, i.e., limit user rights exclusively to their tasks.  

  • Viewer – Organization: the least elevated role. Recommended for users who need read-only access to data such as security officers, consultants, or internal auditors.
  • Manager – Organization: a limited administration role. Recommended for helpdesk personnel and organization operators.
  • Organization admin – Organization: this role gives unlimited access to data and configuration settings within an organization. Recommended for system administrators.
  • Enterprise admin – Entire enterprise (My enterprise): the tenant-wide administration role. This is the most powerful role.

Scope

Download and install Action1 agent
Endpoints
Endpoint groups
Remote desktop
Automations
Automation history
Alerts
Installed software
Software Repository
Update Approval
Custom reports
Built-in reports
Agent Deployment
Script Library
Subscription
Organizations
Users
Data sources
API credentials
Advanced settings

Viewer – Organization

Not available
Read-only
Read-only
Not available
Read-only
Read-only
Read-only
Read-only
Read-only
Read-only
Read-only
Read-only
Read-only
Read-only
Not available
Not available
Not available
Read-only
Not available
Read-only

Manager – Organization

Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read-only
Read-only
Read-only
Read-only
Read & write
Read-only
Not available
Not available
Not available
Read-only
Not available
Read-only

Organization admin – Organization

Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read-only
Read & write
Read-only
Read-only
Read & write
Read-only
Not available
Read & write
(only org name and roles)
Read-only
Read-only
Read-only
Read-only

Enterpise admin – Entire enterprise (My enterprise)

Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write
Read & write

Inviting Users

  1. Navigate to the Users page – it lists users across all organizations who have access to the Action1 account.
Manage user access to Action1
  1. Select + Invite to add a new user.
  2. In a window that opens, select the identity provider to use (Action1 or Entra ID), provide the user’s name, their email address, and a temporary password. Finally, link a user either to a specific organization or to the entire enterprise (My enterprise) and assign a role. Update the session duration if necessary. The user will get an email invitation to join Action1.

To remove or change user assignments, select actions next to a user and pick an action. Note that you have to revoke all user roles before deleting a user.

To enable single sign-on (SSO), read related articles on Entra ID, Google, Okta, and Duo SSO.

Invite a user

Assigning and Managing Roles

  1. Navigate to the Organizations page to review available organizations and role assignments. To learn more about organizations and how to switch among them, see Multi-Tenancy for MSPs and Enterprises.
  2. Select an organization from the list. To see tenant-wide assignments, select My Enterprise [Entire Enterprise]. Note that you must have appropriate permissions to manage user assignments (enterprise or organization admin role depending on the settings you want to change).
  3. Review users and their roles. On top of that, Action1 displays the API credentials that were configured for the organization or enterprise.
User management capabilities
  • To add a new user assignment, select Add Users. Then, select a user from the list and pick a role. Make sure to invite a user first on the Users page.
  • To modify or revoke roles, select actions next to a user name and pick an option such as Remove role and Make manager.