Workspace ONE Access uses role-based access control to manage delegation of roles. You assign the Super Admin, Directory Admin and ReadOnly roles to Active Directory groups to manage access to Workspace ONE Access.
You assign the following administrator roles to the corresponding user groups.
| Workspace ONE Access Role |
Example Active Directory Group Name |
|---|---|
| Super Admin |
wsa-admins |
| Directory Admin |
wsa-directory-admin |
| ReadOnly Admin |
wsa-read-only |
Procedure
- In a web browser, log in to Workspace ONE Access by using the administration interface to the System Domain with configadmin user (https://<wsa_fqdn>/admin).
- On the main navigation bar, click Roles.
- Assign Workspace ONE Access roles to Active Directory groups.
- Select the Super Admin role and click Assign.
- In the Users / User Groups search box, enter the name of the Active Directory group you want to assign the role to, select the group, and click Save.
- Repeat this step to configure the Directory Admin and the ReadOnly Admin roles.
