AvePoint Learn
Request article
Contact support
Request article
Contact support
English

Home > Manage Customers > Tenant-Level Portal Access Roles

Export to PDF

Tenant-Level Portal Access Roles

Tenant-level portal access roles allow customer end users within a tenant to receive permissions tailored specifically to their tenant environment. These roles appear automatically when partners create and sync MSP-level portal access roles. Partners and customer users with the Portal access roles permission can also manage these roles within the tenant.

After accessing a tenant, go to Security > Portal access roles. You will see all roles synchronized from the MSP level. These roles are automatically labeled Managed by partner.

You can perform the following actions on the Portal access roles page:

  • Search – To search for a specific role, enter the keywords of the role name in the search box. Then, press Enter on the keyboard.

  • View and edit details – Click a role name. The Role details page appears. On the Role details page, you can click the pencil button under each tab to edit the role details. Note that the general information of the role managed by partner cannot be edited; you can only add the users and functional roles to the role.

  • Create – Click Create role in the upper-right corner, and then refer to the instructions below to create a role.

  • Duplicate – Select a role and click Duplicate. Enter a new name and optional description and click Save. A same role with the new name will be created.

  • Detach – Select a role and click Detach. A pop-up window appears asking for your confirmation. Click OK. The role will detach from the MSP-level role. Any updates in the MSP-level role will not be synchronized to this tenant-level role.

  • Delete – Select one or more roles and click Delete. Note that the roles managed by partner cannot be deleted. A pop-up window appears asking for your confirmation. Click OK to confirm your deletion. The role managed by partner cannot be deleted.

Create a Tenant-Level Portal Access Role

To create a portal access role, complete the following steps:

  1. Click Create role above the table. The Create role page appears.

  2. In the Basic information step, enter a name and an optional description for the role. Then, click Next.

  3. In the Permissions step, select the tenant-level permissions you want to assign to this role. You can Assign granular access restrictions to specific functionalities within the following modules/features. For streamlined configuration, use the filter controls located above the service list to refine and select appropriate permissions for assignment. Then, click Next.

    • Baseline management

    • Workspace management

    • User management

    • Functional roles

    • Risk management

    • Change management communication

    • Device management

    • Marketplace

    • Workflows

    • Tenant settings

    • Security

  4. In the Assign members step, click Add user to assign permissions to tenant users. In the Add user window, enter and select the desired users, and then click Add to add the users.

    To remove the added users, select them and click Remove user.

  5. If the tenant does not have the User management subscription, click Save to create the role.

    If the tenant has the User management subscription, click Next to go to the Assign functional roles step.

  6. In the Assign functional role step, click Add functional role to assign permissions to functional roles. In the Add functional role window, enter and select the desired functional roles, and then click Add to add the functional roles.

    To remove the added functional roles, select them and click Remove functional role.

  7. Click Save to create the role.