What is role-based administration?

Zscaler’s role-based administration enables you to control what different admins can do in the Zscaler admin portal. You can delegate responsibilities among admins and granularly control their level of access to the admin portal to ensure they do not create conflicting policies and settings.

To facilitate role-based administration, each admin account comprises a role and scope:

  • With admin role, you can specify which features admins can access in the admin portal.
  • With admin scope, you can specify which areas of the organization (for example, which departments or which locations) admins can configure policies or settings in the admin portal.

You can configure role-based administration using role and scope. For example, you can give your organization’s CISO the ability to set only security policies in the admin portal (specified through role), but enable the CISO to set security policies for the entire organization (specified through scope). Similarly, you could give the Marketing Director the ability to set access policies relevant to productivity and compliance (specified through role), but allow him or her to do so only for a specific location or department (specified through scope). To read more about other examples of role-based administration, click here.

Zscaler provides a default admin account that has full access to the admin portal and scope over the entire organization. This account cannot be edited or deleted. With role-based administration, you can add as many additional admins as necessary to meet the specific needs of your organization. You can also edit and delete admins as necessary at any time.