Enterprise Admin
The Enterprise Admin (EA) has access to and controls the entire tenant. The EA can create and see all Teams and manage all users. The EA can store credentials for all Teams and create API tokens for all Teams. The EA can also approve Risk Exceptions, as long as they did not submit them themselves.
Team Admin
The Team Admin (TA) has access to and controls the Teams they are assigned by the EA. The TA can create and see all users in the Teams they are assigned to. The TA can view and assign credentials for their Team assignments and create API tokens for their Team assignments. Team Admins can kick off scans for the repositories they manage.
User
Users have only the ability to view KPIs and Vulnerabilities for the Teams they are assigned to. They can also submit Risk Exception requests and kick off scans for the repositories they can view.
Global View
The Global View role is similar to the Enterprise Admin in that it can view everything. The difference is that the Global View role does not have any manage or edit functions. Basically: see everything, do nothing.
Audit Role
The Audit Role can only view, approve or deny Risk Exceptions that have been submitted by EAs, TAs or Users in the course of doing their work. Since they do not have the ability to create Risk Exceptions, they cannot approve their own.
