Understand Organization roles
(Updated: )An Organization has three types of member roles, each with different access levels and permissions.
A user who creates an Organization automatically receives the Owner role. This role is non-editable, meaning there can only be one permanent Owner in the Organization.
Access and permissions
Below is a breakdown of access levels and permissions for each role:
| Owner | Admin | Member | |
|---|---|---|---|
| General | |||
| Manage account settings | ✅ | ✅ | ✅ |
| Access the Admin Dashboard | ✅ | ✅ | ❌ |
| Use the desktop app | ✅ | ✅ | ✅ |
| Devices | |||
| View all devices in the Organization | ✅ | ✅ | ❌ |
| Check device health | ✅ | ✅ | ✅ (only of their own device in the desktop app) |
| View device details | ✅ | ✅ | ❌ |
| Assign device licenses | ✅ | ✅ | ❌ |
| Revoke device licenses | ✅ | ✅ | ❌ |
| Security | |||
| Check the Organization threat summary | ✅ | ✅ | ❌ |
| Inspect threats on a device | ✅ | ✅ | ❌ |
| View the Organization compliance summary | ✅ | ✅ | ❌ |
| Check a device compliance | ✅ | ✅ | ❌ |
| Applications | |||
| View all apps in the Organization | ✅ | ✅ | ❌ |
| See devices where an app is installed | ✅ | ✅ | ❌ |
| View apps installed on a device | ✅ | ✅ | ❌ |
| Change app security status | ✅ | ✅ | ❌ |
| Add apps for the Organization | ✅ | ✅ | ❌ |
| Automation | |||
| Configure Smart Scan automation | ✅ | ✅ | ❌ |
| Configure Malware Scan automation | ✅ | ✅ | ❌ |
| Configure Application Updates automation | ✅ | ✅ | ❌ |
| Users | |||
| View list of the Organization users | ✅ | ✅ | ❌ |
| Invite users to the Organization | ✅ | ✅ | ❌ |
| Remove users from the Organization | ✅ | ✅ | ❌ |
| Change user roles | ✅ | ✅ | ❌ |
| Subscription and billing | |||
| Add more device licenses | ✅ | ✅ | ❌ |
| View billing details | ✅ | ✅ | ❌ |
| Manage payment details | ✅ | ❌ | ❌ |
| Get payment receipts | ✅ | ❌ | ❌ |
