Role Management
Purpose
This document describes the procedure to manage roles in the portal.
Introduction
IAM (Identify and Access management) is the portal’s user management page that control access to resources. IAM is used to control who is authenticated (signed in) and authorized (has permissions) to use resources.
In IAM under the Users tab you can add new users and edit existing ones. For a user to have access within the portal they need to be assigned a Role and a Resource group. In the Roles tab there are some baseline roles pre-configured by Outpost24, these can not be edited but custom roles can be created by pressing + Add role in the bottom right corner. The Resource group has by default only All resources pre-configured which cannot be edited, If you would like to specify what assets and access the user should have, you need to add new groups.
Role-Based Access Control
IAM uses Role-Based Access Control (RBAC) to restrict access depending on a user's role within the system. The roles in RBAC refer to the levels of access that users have to resources on the network. RBAC is a method of regulating access to system resources based on the roles of individual users within the organization. Access is granted on a need-to-know basis.
Roles Management in IAM
To navigate to this section,
Log in to OUTSCAN / HIAB.
Go to Main Menu > Portal.
Click the Account icon in the upper right corner.
Select the IAM card to access the IAM page.
This displays the Identity Access Management page which is divided in three tabs, Users, Roles, and Resource Groups.
Roles
Technical Preview
This section is a technical preview of a feature that is currently under development. Some features are hidden behind a feature flag.
A user role is a role by which the user is able to operate the resources they have been granted access to. Roles consist of one or more permission, for example, the Analyst role would have Findings permission set to View. For multiple roles, the user is given the highest level of capabilities granted to any role to which they are assigned. For example, if a user is assigned to the role Admin which has the most capabilities, and also to a role Operator with a different set of capabilities, the user will have the capabilities of both roles. A user with no roles would not have any access at all.
The Roles function in the Portal does not correspond to groups in Vulnerability View (Netsec).
This view presents the detailed information about the permissions to access different modules for the available roles.
Available Resources
Available resources | Actions to perform |
|---|---|
AppStaksTM | Deny, View, View and manage |
Asset groups | Deny, View, View and manage |
Assets | Deny, View, View and manage |
Configurations | Deny, View, View and manage |
Scans | Deny, View, View and manage |
Scan policies | Deny, View, View and manage |
Schedules | Deny, View, View and manage |
Findings | Deny, View, View and manage if View and manage, select the additional actions the users will be able to perform by checking boxes:
|
Compliance | Deny, View, View and manage |
Tags | Deny, Manage |
Reports | Deny, View and manage |
Users | Deny, View, View and manage |
Scoping | Deny, Submit |
Audits | Deny, View |
Accounts | Deny, View, View and manage |
Scheduled reports | Deny, View, View and manage |
Managed reports | Deny, View, View and manage |
Dashboards | Deny, View, View and manage |
View templates | Deny, View, View and manage |
Credentials | Deny, View, View and manage |
Integrations | Deny, View, View and manage |
Events | Deny, View, View and manage |
Subscriptions | Deny, View |
CORE | Deny, View |
Built-in indicates predefined roles in the system. These roles cannot be deleted or modified so Edit and Delete actions are not available for these roles.
Hovering over the column header or the icons in the table, a tooltip is displayed after a short while.
Add Roles
To add a role,
Click on the +Add role button located on the bottom right of the window. It opens the below dialog:
Provide a name for the role.
Under each category, different permission levels are listed.
Option | Description |
|---|---|
Deny | Not visible to the user assigned with that role. |
View | Allows the user to only view. |
View and manage | Allows the users to view, add, edit, and delete the associated item. |
Manage | Allows the user to edit or delete the associated item. |
Submit | Allows the user to submit for scoping. |
View and manage and Manage actions can sometimes contain more granular choices.
Select the necessary permission level to grant for that role.
After adding all permissions, click ADD.
The newly added role is shown in the ROLES view.
The roles added by the user can be customized or deleted. Select a role and click on the respective icon to edit or delete.
When multiple roles are assigned to a user, the user is given the highest level of capabilities granted to any role to which they are assigned. For example, if a user is assigned to the role "Admin" which has the most capabilities, and also to a role "Operator" with a different set of capabilities, the user will have the capabilities of both roles.
Edit / Update an Existing Role
Clicking on the edit
icon opens the below dialog:
Make the necessary changes and click UPDATE to save the changes made to that role.
Delete Role
When you click on the Delete 
icon:
If the selected role is not assigned to any user, the below message is displayed:
If the selected role is assigned to any user, the below message is displayed:
Click DELETE to confirm.
Related Articles
Copyright
© 2025 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Trademark
Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.