Roles
Viewer, operator, admin, and owner roles build from read-only access toward operational actions, organization management, and tenant-sensitive owner actions. Platform admin is separate from tenant or organization grants.
Tenant Administration
Keep access and ownership explicit.
Tenant administration controls who can see organizations, run endpoint actions, manage users, export tenant data, and request tenant deletion.
Operating as
The operating-as selector lets an authorized user cap their effective role. Use it to test what lower-privilege users see before delegating access.
Organizations
Organizations scope endpoint visibility and action authority. New endpoints should be enrolled into the intended organization, and actions should be checked against that organization scope.
User management
Grant the narrowest role that matches the user's job. Operational users usually need operator or admin authority only in the organizations they manage.
Tenant export
Tenant owners can use the tenant settings surface to export an operational snapshot. Export is intended for records and review, not as a credential dump.
Tenant deletion
Tenant deletion is owner-level and queues endpoint uninstall work before hiding tenant data. There is no public help workflow that asks you to bypass endpoint cleanup.
Administrative safety
- Use direct tenant ownership for self-service export and deletion decisions.
- Review organization scope before enrolling hosts with many guest rows.
- Do not share bootstrap commands beyond the intended tenant, organization, and install target.
- Use support channels for account recovery rather than sending secrets in chat or contact forms.
Security model
Review mTLS agents, role-scoped actions, tenant boundaries, and deletion cleanup.
First setup
Return to the setup guide when creating the first organization or enrolling the first endpoint.