Help Docs

Different User Roles and Role Based Access Permissions

Organization Role and Site24x7 Role

There are various roles and user privileges allocated to individual users in Site24x7. The users of the organizations can have role-based access control (RBAC) in Site24x7 based on specific requirement. The roles available are categorized under Zoho Organization account roles and Site24x7 account roles.  

Get to know about

Organization Role:

Site24x7 is a service by Zoho Corporation and use Zoho Accounts as a service for single-sign-on. Hence, by default each Site24x7 Account will be associated to a Zoho Organization Account. As an Organization admin, you can assign or change the user organization roles using Zoho Directory. For further clarification you can contact Site24x7 support team.

The following are the user roles in an Organization Account: 

  1. Org Admin: Admins are the primary account holder of the Zoho Organization account. A person having Super Admin or Admin role in their Organization account can add anyone as a Site24x7 sub-user.
  2. Org User: Users have no control on user management, like Org Admins. If they have Super Admin or Admin role in Site24x7 account, they can add any existing Zoho Organization user as a Site24x7 sub-user.

    Note

     

    • Your role in the Zoho Organization account dictates your Site24x7 account privileges.
    • A user email address can't be linked to multiple Zoho Organization accounts (and Site24x7 accounts. If you wish to add a user (who is already a part of another Zoho Org account) to your Zoho Org account, the user must exit the previous Organization account to be able to join your Organization.
    • A few points to ponder before learning about the various Site24x7 roles:
      • Site24x7 account Super Admin rights alone doesn’t gurantee you any privilege to add a user; you must have the Organization Admin role as well.
      • There can be multiple Organization Admins, but only a single Organization Super Admin.
      • An Organization Super Admin can't transfer their role to another user or make an existing Org Admin to be a Super Admin. If you wish to transfer the Super Admin privilege to another user, please contact Site24x7 support for any such requests.
    • Zoho Corporation is the parent company of Site24x7 and Site24x7 uses Zoho Accounts for Identify and Access Management(IAM). Whenever a user signs up with Site24x7, an Org account will be created in the back-end in Zoho Accounts to provide Single Sign-On for all the Zoho applications, including Site24x7.
    • Our team is currently working on providing a single interface through 'Zoho Directory' for all Org Level changes. However, till this is released, Users with a paid subscription of Zoho Mail can use https://mailadmin.zoho.com to make any org level changes in Zoho accounts. For other users, we request you to contact our support team for all the Org related changes. Please contact us at support@site24x7.com and we assure to assist with the necessary changes.

     

Site24x7 Role:

Site24x7 lets you have control over the access levels of the users in your Site24x7 account. Being the administrator of your Site24x7 account gives you the privilege to add, edit, or delete multiple users from your account. You can also provide RBAC on the roles that they perform with your Site24x7 account.

Following are the user roles in Site24x7, which can be entailed to a particular contact:

  1. Super Admin: If you’ve created your Site24x7 account, you’ll be the Super Admin for your Organization and Site24x7 accounts. You will have the complete operational and management control over these accounts.  
  2. Admin:The Admin role will have most of the privileges similar to the Super Admin role, except for subscription billing.  Admins with monitor-group-level access can not edit/ modify profiles created by other users, but will have read-only permission. They will have access to only the logs of the IT Automation templates that they created.
  3. Operator: An Operator role allows you to schedule, edit, or delete a new maintenance window created by yourself until a Super Admin or Admin modifies it. However, they will not have any privilege to modify maintenance windows created by other user roles. Operators can assign a technician to manage alarms. However, operators cannot associate new IT Automations to the account. Operators can create, update, and delete Custom Reports and Global Benchmark Reports created by themselves. They do not have sufficient privilege to edit or delete a report created by other users. An Operator with group-level permissions can't schedule maintenance using tags as the resource type.
  4. Spokesperson: Spokesperson can post Status page announcements via the Public Status Pages. Additionally, the spokesperson will also have read access to most of the modules of that particular Site24x7 account. The Spokesperson has read only permission to Custom Reports and Global Benchmark Reports generated by all users. However, the Spokesperson can only access the data of those monitors (in the monitor group) for which permission is provided.
  5. Billing Contact: Billing Contact will have access only to the Subscription module inside Admin tab. 
  6. Hosting Provider: This user will not have read/write access permissions for any other function except to schedule a maintenance under Admin tab.
  7. Read Only: This user will have read only access to most of the modules in the Site24x7 account. For a Custom Report and a Global Benchmark Report, you can view the reports of all the monitors for which permission is allocated. However, the user can perform actions like Poll Now, Export & email Reports.  
  8. Alert Contact: This user will not have access to Site24x7 Client/API. However, they can get alert notifications if they're part of an alert group associated with a monitor in Site24x7.
Note

 

  • Apart from Super Admin and Admin, no other user role will have access to the IT Automation logs.
  • You will not be able to edit the role of the users if the user has not accepted the invitation to join the organization.

 

The following table explains each Site24x7 roles and their related functions in detail:

Function/Roles Super Admin Admin Operator Billing Contact Spokesperson Hosting Provider Read Only 
Add/Edit/Suspend/
Activate
/Delete Monitor
Yes Yes Activate/ Suspend

No Access

No No No
Monitor Details/ Monitor Summary Yes Yes Yes

No Access

Yes Can view Monitor Summary Page No
Add/Edit a New
Contact or
Contact Groups
Read and Write Read and Write No Access No Access No Access No Access No Access
Generate Unique
Device Key
Yes Yes No Access No Access No Access No Access No Access
Reports, Schedule
Reports,
Report Settings
Read and Write Read and Write Read  No Access Read No Access Read
Custom Dashboard Read and Write Read and Write Read and
Write (Add/Edit/
Delete custom dashboard created by you)
No Access Read No Access Read
Schedule Maintenance Read and Write Read and Write Read and
Write (add/
edit/delete
maintenance created by you)
No Access Read Read and
Write (Add/Edit/
Delete maintenance created by you)
Read
Add, Edit, Execute, Delete IT Automations Yes Yes No No No No No
Custom Report and
Global Benchmark
Report
Read and Write Read and Write Read and Write
(1. Can only edit/delete
 own report.
2. Can access
 data
of only those monitors
(in the selected
monitor group)
for which
permission is provided.)
No Access Read (Can access data
of only those monitors
(in the selected 
monitor group)
for which
permission is provided.)
No Access Read (Can access
data of only those monitors
(in the selected 
monitor group) 
for which
permission is
provided.)
Publish/Export/Email
Reports
Read and Write Read and Write Read  No Access Read No Access Yes
(Export & email
reports only)
Dashboard and
Portal Integration
Read and Write Read  Read No Access Read No Access Read
Status page
announcements
Read and Write Read and Write Read No Access Read and 
Write
No Access Read
Subscription: Upgrade/Downgrade
Account, Add Credits,
Purchase Alert
Packs, Raise
Purchase Orders

Read and Write No Access No Access Read and Write No Access No Access No Access
Server Settings Yes No No No No No No
Server Management Action Yes Yes No No No No No

Admin with group-level permissions

An admin with monitor-group-level permissions can edit or delete monitors they can access. They can't add, edit, or delete monitor groups, but can add them from the Add Monitor page. Admin with group-level permissions:

Allowed to:

  • Edit milestones created for monitors they've added as well as for monitor groups created by other users. Can't add/edit/delete milestones for all monitors and for monitors or groups that they don't have access to but will have read-only permission.
  • Add Subgroups.

Not allowed to:

  • Access alert logs
  • Access audit logs
  • To create integrations that have a limitation of one per account, like SDP, SDP On-Demand and SDP CMDB.
  • To modify report settings
  • Schedule maintenance by choosing tags as the resource type

Limited permissions:

Will not have All Monitors option available in:

  • Schedule report
  • Public reports
  • Third-party integrations
  • Mute alerts.

An admin with group-level access will not be able to choose the All Monitor option while creating/updating a report. However, when a Super Admin modifies the report settings, an admin with group-level permission will be able to access all monitors. So, Super Admins need to be cautious while editing Scheduled/Public reports created by admins with group-level permission.

Assigning and Editing User Roles

A role can be assigned to a user while adding them in the Site24x7 web console. For details on how to add a user to Site24x7, refer here. Please note that when you add a user to Site24x7, an invite will be sent to them, upon the acceptance of which they can access the web console. You can also modify the user role by after they have accepted the invitation, by editing the user details

StatusIQ Role:

You can provide users with various access permissions based on the roles that they perform with your StatusIQ account. Following are the user roles in StatusIQ, which can be assigned to a particular user:

  1. StatusIQ Super Admin: Super Administrators will have complete access to the StatusIQ account.
  2. StatusIQ Admin: Administrators will have read/write access to the most of the modules except the Billing section.
  3. StatusIQ Spokesperson: Spokesperson will have read only access to most parts of the module. The only write permission the Spokesperson has is to post updates.
  4. StatusIQ Billing contact: User will have access only to Billing modules for Upgrade and Renewals.
  5. StatusIQ Read person: User will have read only access to the account.
  6. StatusIQ MSP Admin: MSP Admins will have unrestricted access to the MSP Portal.
  7. StatusIQ MSP Operator: MSP Operators will have read only access to the MSP Portal.
Learn more about StatusIQ.

CloudSpend Role:

Provide users with various access permissions based on the roles that they perform with the CloudSpend account. Following are the user roles that can be assigned to a particular user:

Cost Administrator: Cost Administrator will have full access including the persmissions to add, modify or delete AWS accounts, business units, budgets, and users. But when an existing user is promoted to a Cost Administrator role, he will have all the privileges of an administrator except the one to add new users.

Cost User: A Cost User has read-only access.

Learn more about CloudSpend.

Was this document helpful?

Would you like to help us improve our documents? Tell us what you think we could do better.


We're sorry to hear that you're not satisfied with the document. We'd love to learn what we could do to improve the experience.


Thanks for taking the time to share your feedback. We'll use your feedback to improve our online help resources.

Shortlink has been copied!