Permissions
User Guide: Admin Tab
Permissions
If creating a custom role for an organization, it is important to combine permissions correctly so users will be able to access all the features they need to do their jobs. While some of the permissions can grant standalone access to just one feature at the exclusion of all the rest, most are dependent on at least one other permission to function. For example, all permissions except the Admin Organization permission must also have a Support Dashboard permission within the same role in order for the user to access his or her Account Settings page. The table below lists each permission, and any "Prequisite Permission(s)" upon which that permission is dependent.
Assigning a user a role without the correct prerequisite permissions can cause the user to receive an error message upon opening a page or clicking on a feature for which they do not have permission.
Most permissions have a View type and a Manage type. The View type grants view-only access to the feature, and the Manage type grants access to make changes to the feature. For prequisite permissions, the View type is required at minimum. For example, the Admin Roles Manage permission can function when the Admin User View permission is also granted; the Admin User Manage permission could be granted in that role instead of Admin User View and accomplish the same result, but it would also give that role access to create, edit, and delete all user accounts, which the role would not have with Admin User View.
If looking to implement basic roles that grant blocks of permission based on the tab navigation in BlueFletch Portal, such as a Playbook View role to view all features within Playbook MDM or a Launcher Admin role to manage all features within Enterprise Launcher, BlueFletch recommends using the predefined roles that come with the organization by default.
Admin Download View
None
Ability to view and download BlueFletch device applications.
Admin Files Manage
Admin Organization View/Manage
Ability to create, edit, and delete organization files.
Admin Files View
Admin Organization View/Manage
Ability to view organization files.
Admin Organization Manage
None
Ability to edit organization settings.
Admin Organization View
None
Ability to view organization settings.
Admin Playbook Agents View
Support Dashboard View, Support Report View
Ability to view the list of available Playbook MDM Agents.
Admin Roles Manage
Admin User View/Manage and Support Dashboard View
Ability to create, edit, and delete organization roles.
Admin Roles View
Support Dashboard View, Support Report View
Ability to view the available organization roles.
Admin Sites Manage
Support Dashboard View, Support Report View
Ability to create, edit, and delete sites within the organization.
Admin Sites View
Support Dashboard View, Support Report View
Ability to view the organization Sites page.
Admin User Manage
Admin Organization View/Manage
Ability to create, edit, and delete users within the organization.
Admin User View
Support Dashboard View, Support Report View
Ability to view users within the organization.
API Key Management
Admin Organization View/Manage
Ability to create, manage, and view API Keys.
API Key View
Admin Organization View/Manage
Ability to view API Keys.
Audit Log View
Support Dashboard View, Support Report View
Ability to view and query the audit logs.
Chat Management
Support Dashboard View, Support Report View
Ability to create and manage Chat groups, along with view Chat messages.
Chat View
Support Dashboard View, Support Report View
Ability to view Chat groups and Chat messages.
Device Find
Support Dashboard View, Support Report View
Ability to send a notification to a device to trigger an audible alarm.
Device Remote Chat
Support Dashboard View, Support Report View
Ability to start a remote chat with a device user.
Device Remote Control
Support Dashboard View, Support Report View
Ability to start a remote control session of a device.
EMM Device Manage
EMM Enterprise View/Manage, Support Dashboard View, Support Report View
Ability to manage EMM devices.
EMM Device View
EMM Enterprise View/Manage, Support Dashboard View, Support Report View
Ability to view EMM devices.
EMM Enterprise Manage
EMM Policy View/Manage (or EMM Device View/Manage), Support Dashboard View, Support Report View
Ability to associate organization with Google Play create, edit, and delete organization enterprise settings.
EMM Enterprise View
EMM Policy View/Manage (or EMM Device View/Manage), Support Dashboard View, Support Report View
Ability to view organization enterprise settings.
EMM Policy Manage
EMM Enterprise View/Manage, Support Dashboard View, Support Report View
Ability to create, edit, and delete EMM policies.
EMM Policy View
EMM Enterprise View/Manage, Support Dashboard View, Support Report View
Ability to view EMM policies.
EMM Policy Token Manage
EMM Policy View/Manage, EMM Enterprise View/Manage, Support Dashboard View, Support Report View
Ability to create, edit, and delete EMM policy tokens.
EMM Policy Token View
EMM Policy View/Manage, EMM Enterprise View/Manage, Support Dashboard View, Support Report View
Ability to view EMM policy tokens.
IP Address Allow List Manage
Support Dashboard View, Support Report View
Ability to add and delete entries from the IP Address allow list.
IP Address Allow List View
Support Dashboard View, Support Report View
Ability to view the IP Address allow list.
Launcher Config Manage
Support Dashboard View
Ability to create, edit, and delete launcher configurations.
Launcher Config Manage
Support Dashboard View, Support Report View
Ability to create, edit, and delete launcher configurations.
Launcher Config View
Support Dashboard View, Support Dashboard View, Support Report View
Ability to view launcher configurations.
Launcher Notification Test
Support Dashboard View, Support Report View, Launcher Config Manage
Ability to use the Launcher notification test feature.
MDM Deployment Group Manage
MDM Playbook View/Manage, MDM Play View/Manage, Support Dashboard View, Support Report View
Ability to create, edit, and delete Playbook MDM deployment groups.
MDM Deployment Group View
MDM Playbook View/Manage, MDM Play View/Manage, Support Dashboard View, Support Report View
Ability to view Playbook MDM deployment groups.
MDM Device Manage
Support Dashboard View, Support Report View
Ability to manage Playbook MDM devices.
MDM Device View
Support Dashboard View, Support Report View
Ability to view Playbook MDM devices.
MDM Playbook Manage
MDM Deployment Group View/Manage, MDM Play View/Manage, Support Dashboard View, Support Report View
Ability to create, edit, and delete Playbook MDM playbooks.
MDM Playbook View
MDM Deployment Group View/Manage, MDM Play View/Manage, Support Dashboard View, Support Report View
Ability to view Playbook MDM playbooks.
MDM Play Manage
MDM Deployment Group View/Manage, MDM Playbook View/Manage, Admin Download View, Support Dashboard View, Support Report View
Ability to create, edit, and delete Playbook MDM plays.
MDM Play View
MDM Deployment Group View/Manage, MDM Playbook View/Manage, and Support Dashboard View
Ability to view Playbook MDM plays.
Support Dashboard Explorer
Support Dashboard View, Support Report View
Ability to use the Support Explorer Tool.
Support Dashboard Manage
Support Report View
Ability to create, edit, and delete Support Analytics Dashboards.
Support Dashboard View
Support Report View
Ability to view Support Analytics Dashboards.
Support Report Manage
Support Dashboard View, Admin User View/Manage
Ability to create, edit, and delete organization reports.
Support Report View
Support Dashboard View
Ability to view the list of reports and subscribe to report emails.
Last updated