Understand the different roles and what each one can do.
Introduction:
Senturo offers flexible role-based access control to help organizations delegate permissions effectively across team members. Each role comes with its own set of permissions, allowing admins to tailor access levels to different responsibilities. Below is a breakdown of the available roles and what each one allows.
Available Roles
-
Owner: Full access to every area of the platform, including organization-wide settings.
- Admin: High-level access excluding user and org settings.
-
Group Admin: Similar to Admin but with additional access to User Management. Can assign users to device groups.
-
Investigator: Designed for those who need full visibility but not full administrative control.
-
Analyst: View-only access across most areas, with limited mass action permissions.
-
Broadcaster: Limited to viewing and managing broadcast templates and messages.
-
Remote: Primarily for offsite or delegated use cases, with limited permissions.
Role Capabilities
Device Management Permissions
| Owner | Group Admin | Admin | Investigator | Analyst | Broadcaster | Remote | |
| Quick Filters | View/Edit | View/Edit | View/Edit | View/Edit | View/Edit | View/Edit | View/Edit |
| Custom Filters | View/Edit | View/Edit | View/Edit | View/Edit | View/Edit | View/Edit | View/Edit |
| Groups | View/Edit | View/Edit | View/Edit | View/Edit | View | View/Edit | View/Edit |
| Tags | View/Edit | View/Edit | View/Edit | View/Edit | View | View | View/Edit |
| Notes | View/Edit | View/Edit | View/Edit | View/Edit | View | — | — |
| Location History | View | View | View | View | View | — | View |
| Network | View | View | View | View | View | — | — |
| Screenshots | View | View | View | View | View | — | — |
| Actions | View | View | View | View | View | — | — |
| Policies | View | View | View | View | View | — | — |
| Broadcaster | View | View | View | View | View | — | — |
Mass Actions Permissions
| Owner | Group Admin | Admin | Investigator | Analyst | Broadcaster | Remote | |
| Change Security Status | YES | YES | YES | YES | NO | NO | NO |
| Remote Lock | YES | YES | YES | YES | NO | NO | YES |
| Remote Wipe | YES | YES | YES | YES | NO | NO | YES |
| MDM Remote Lock | YES | YES | YES | YES | NO | NO | YES |
| MDM Remote Wipe | YES | YES | YES | YES | NO | NO | YES |
| MDM Lost Mode | YES | YES | YES | YES | NO | NO | NO |
| Automation Pulse | YES | YES | YES | YES | NO | NO | NO |
| Download Report | YES | YES | YES | YES | NO | NO | NO |
| Move to Group | YES | YES | YES | YES | YES | YES | YES |
| Request Data | YES | YES | YES | YES | NO | NO | NO |
| Assign to User | YES | YES | YES | NO | NO | NO | NO |
| Add Tags | YES | YES | YES | NO | NO | NO | YES |
| Add Notes | YES | YES | YES | NO | NO | NO | NO |
| Delete Tracking Data | YES | YES | NO | NO | NO | NO | NO |
| Delete Devices | YES | YES | NO | NO | NO | NO | NO |
Broadcast Permissions
| Owner | Group Admin | Admin | Investigator | Analyst | Broadcaster | Remote | |
| Edit Table View | YES | YES | YES | NO | NO | YES | NO |
| Delete Table View | YES | YES | YES | NO | NO | NO | NO |
| Edit Calendar View | YES | YES | YES | NO | NO | YES | NO |
| Delete Calendar View | YES | YES | YES | NO | NO | NO | NO |
| Edit Template | YES | YES | YES | NO | NO | YES | NO |
| Delete Template | YES | YES | YES | NO | NO | YES | NO |
| Create New Message | YES | YES | YES | NO | NO | YES | NO |
| Create New Broadcast | YES | YES | YES | NO | NO | YES | NO |
Security Policies Permissions
| Owner | Group Admin | Admin | Investigator | Analyst | Broadcaster | Remote | |
| View Table | YES | YES | YES | YES | YES | NO | NO |
| Edit Table | YES | YES | YES | NO | NO | NO | NO |
| Delete Table | YES | YES | YES | NO | NO | NO | NO |
| Ad Policy | YES | YES | YES | NO | NO | NO | NO |
Other Permissions
| Owner | Group Admin | Admin | Investigator | Analyst | Broadcaster | Remote | |
| Device Enrollment | YES | YES | YES | NO | NO | NO | NO |
| Audit Log | YES | YES | YES | YES | YES | NO | NO |
| Integrations (connect/edit) | YES | YES | YES | NO | NO | NO | NO |
| Notification Center | YES | YES | YES | NO | NO | NO | NO |
| Org Settings | YES | NO | NO | NO | NO | NO | NO |
Conclusion
Use this guide to assign the appropriate role to each team member based on their responsibilities and access needs. Group Admin is ideal for onsite leadership with access to user management, while Admin roles suit broader technical responsibilities.
FAQs
Q: Can a user have multiple roles?
A: No, each user can only have one role at a time.
Q: What happens if a user needs access to only broadcasts?
A: Assign them the Broadcaster role. It allows control of broadcast messaging and templates without access to other device features.
Q: Who can manage other users?
A: Only Owners and Group Admins have access to user management.