Skip Navigation

Add a role

Custom roles are globally scoped and provide full operational access to the related pages and actions for a defined area. For example, if a custom role has permissions allowed for the zone features, any user assigned to the role has access to all functionality available on the Zones or Zone Details pages.
If access is not selected for a role, users will not see that page in the  menu or be able to navigate to the page from anywhere within the console. For example, if a custom role has permissions allowed for threats and disallowed for devices, the Threat Protection page displays in the menu while the Devices page does not. If the user views the Threat Details page for a threat, the affected devices and zones will display but the user will receive an error page when attempting to click the link for details for a specific device.
  1. In the management console, on the menu bar, click
    Settings > Administrators
    .
  2. Click
    Roles
    .
  3. Click
    Add New Role
    .
  4. Type a name for the role.
  5. Click the
    Access
    checkbox beside any feature that you want to allow this role to access. Expand sections to see more options. See Permissions for administrator roles for more information.
  6. Click
    Add Role
    .
  • To edit a role, click an existing role and modify the name or permissions. The updated name or permissions will be applied to any users assigned to the existing role.
  • If a predefined or custom role has users assigned, you can click the link in the
    Assigned Users
    column to view the email for any users assigned to that role. You can click the email to view the User Details page for that user.
  • To delete a role, click a checkbox beside a role that does not have any users assigned to it, then click
    Remove
    . If a role has users assigned to it, you cannot select the checkbox.