User Management

This page explains how to setup and manage users within Secberus.

User management overview

Secberus allows you to invite team members to view and contribute to organizations in your account. Using the role-based access control (RBAC) method of regulating access, users are assigned roles within an organization to grant only the amount of access needed to perform their jobs. (See managing user access for more information.)

For customers that need to provide a more granular level of access, Secberus includes the ability to create custom roles via access policies, utilizing the attribute-based access control (ABAC) method.

Creating a user

To create a user, first navigate to the Secberus Admin by clicking Manage account in the Organization Select Menu.


Then select the Users item in the sidebar.

Click the + New user button to bring up the setup screen.


Include the new user's first name, family or last name, and email address, then hit Create.


Once the user account is created, the user will need to be assigned a role(s) in order to access one or more organizations.

The user will receive an email with instructions to sign into their account. They will be able to view/manage organizations based on the roles they are assigned.



Only users with the role account owner, can create, edit, and remove users. By default, your Secberus account will be set up with one organization and one user that has the role of account owner. There can be multiple users with the account owner role within a Secberus account.

Managing user access

To manage the access permissions for a user, navigate to the user settings page by navigating to the Secberus Admin and selecting the Users item.

Click on the user you would like to manage access for.


Click the + Add permissions button to bring up the Add permissions configuration or check the Account owner checkbox to give the user unrestricted access to your Secberus account.


Choose the Organizations the user should have access to, and then select the Roles the user should have for those specific organizations. See Predefined roles for a detailed list of access roles and permissions, or you can create custom roles.


You can use multiple Roles together to determine a user's access to each organization.


Predefined roles

The following roles are available for organization access.

FeaturesViewerContributorAdministratorAccount owner
View violations, compliance, and overview dashboardsxxxx
Data Explorer
View and execute queriesxxxx
Create, edit, and delete queriesxxx
View tablesxxxx
Create, edit, and delete viewsxxx
List viewsxxxx
Data sources
View data sourcesxxxx
Create, edit, and delete data sourcesxx
View policy detailsxxxx
Create, edit, and delete policiesxxx
View, create, edit, and delete policy exceptionsxxx
View, create, edit, and delete policy categoriesxx
Enable/disable policy frameworksxx
View violationsxxxx
Mark violations as exceptionsxxx
View workflowsxxxx
Create, edit, and delete workflowsxx
View integrationsxxxx
Create, edit, and delete integrationsxx
View reportsxxxx
Create, edit, and delete reportsxx
Activity log
View activity logx
Organizations and User management
View, create, edit, and delete organizationsx
Create, edit, and delete usersx
Manage user accessxx
Enable SSOx