Manage user permissions

Roles define what actions users can perform, while device groups control which devices they can access. Use these tasks to assign or update roles and device group memberships for one or more users. To learn more, see Roles and privileges.

As a best practice, for enterprise environments, consider managing roles through your external IdP. Local role management is intended for small clouds only. If SSO is enabled, IdP rules override local permissions. To learn more about IdP configuration, see Federated SSO for external IdP.

In this section: