Set local User Roles

Depending on whether we are highlighted or regular users, we can access different menu items and perform different activities accordingly.

In PassMan, four different roles can be assigned:

• PassMan user (by default, if no role is selected, the user will have this role assigned)
• User administrator
• Auditor
• Webpmsl User

A user can be assigned multiple roles.

Let's see which sections a PassMan user can access:

• Secret import
• Activity report

Now let's go over what a User Administrator can access:

• Secret import
• User administration
• Group administration
• Activity report

Let's explore what makes the Auditor role special:

A user with the Auditor role has access to non-sensitive data stored in the system for the purpose of auditing PassMan, as well as to log files and reports that record the system's operations.

The Auditor cannot view secrets: passwords, SSH keys, uploaded files, or documents.

The Activity report is visible to everyone, but each user can only view their own activities.

Only users with the Auditor role can view the activities of all users.

To assign roles, you need to be in the User Administrator role.
Role changes can be made in the User administration menu.

The PassMan user role can be assigned to the following:

• PassMan local user
• PassMan local group
• Authentication service provider groups:
  • Microsoft AD
  • Azure AD
  • JIRA