How can we help?

Search

IT Admin Role - Permissions & Scopes

Noga Tubi
Noga Tubi
  • Updated
Torii SMP
Torii Identity

Objectives

This article is intended for Torii Admin who wishes to create a controlled permission view to an IT Admin persona.

You will learn how Torii defines the IT Admin role and how to assign it to a specific user.

* Prerequisite - Read the Introduction to Role-Based Access Control (RBAC) article

 

Overview

The Torii IT admin role is made for IT personnel who are part of the Torii IT management team; however, are not the primary Torii admin.

These Torii users are responsible for the daily operation of Torii management like onboarding and off-boarding users, license utilization, review & approval process, and configuring Integrations and workflows.

The IT Admin has a full picture of the applications usage and users' details but is not exposed to financial data [Torii SMP] and is cannot change account wide settings, dashboards etc.

Note that:

  • [Torii SMP] The IT Admin role will NOT be exposed to:
    •  Contract details like custom fields and Torii attributes.
      Data about any level of cost (contract value) per org or user, department, and applications. 
    • Org expenses data like Invoices, contract files, receipts, etc. for departments, apps, and user 
  • The IT Admin role will be exposed to license data, not including the cost per license 
     

View IT Admin Role Scopes

  1. Torii provides an out-of-the-box predefined IT Admin role. You can view the role scopes but can not edit them.

     
  2. Torii users assigned with an IT Admin role have no access to License cost and chargeback, Expenses and Contracts.

     

What are the IT Admin role scopes & access levels?

  • Dashboard Management - No access
  • Applications - Take action
  • [Torii SMP] License cost and chargeback - No access 
  • User attributes - View only
  • [Torii SMP] Expenses - No access
  • [Torii SMP] Contracts - No access
  • Workflows - Take action
  • Create Workflows - Take action
  • [Torii Identity] Offboarding - Take action
  • Integrations - Take action
  • Setting - View only
  • Public views - View only
  • [Torii Identity] Application catalog - View only
  • All Scheduled Reports - No access
  • Tasks - Take Action
  • App User Access Reviews - Take Action

How to Assign a Role?

  1. Go to the Settings page.
  2. Click on Members & App Owners.
  3. Select the User to which you want to assign the role and select the role from the dropdown list


 

 

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request