Roles based access control (RBAC) includes the administrator titles of Analyst, Auditor, Administrator, and Automator. Each role has specific permissions to offer quick assignment with appropriate access to Workspace ONE Intelligence features.

To create a super admin, assign all roles to the admin account. Workspace ONE Intelligence does not have a separate, single role for the super admin.

RBAC Admin Descriptions

  • Administrator - The administrator can create identity and access management, admins, and integrations.
    • Insights permission - Read
    • Settings permissions - Create, update, and delete
  • Analyst - An analyst can create, work, and delete their own objects and can work in other objects depending on their permissions. They cannot work in Settings or Automations.
    • Insights permission - Read
    • Dashboards permissions - Create, update, and delete
    • Reporting permissions - Create, update, and delete
  • Auditor - The auditor can see what other admins are creating for auditing purposes. They have read access to everything and everything that gets created. If you have an auditor that also edits objects, add one of the other roles to the account.
    • Insights permission - Read
    • Dashboards permission - Read
    • Reporting permission - Read
    • Automations permission - Read
    • Settings permission - Read
  • Automator - The automator can create, work, and delete automations. They can also configure integrations in Settings that are used in automations. Restricting other admins from creating automations helps control the large impact automations have on endpoints. It also helps with reduced creation of automatons that overlap or conflict.
    • Insights permission - Read
    • Automations permissions - Create, update, and delete
    • Integrations permissions - Create, update, and delete
check-circle-line exclamation-circle-line close-line
Scroll to top icon