Provides read and write access to manage all dashboards, reports, apps, Strata Logging Service logs, and services within the assigned level of nested hierarchy. Includes all permissions assigned to all roles, including Superuser, and the ability to activate product licenses through email activation link. Assign only to users or service accounts that require unrestricted access across multiple tenants.

Provides read and write access to all available system-wide functions for the selected app. Includes all permissions assigned to all other roles, including MSP Superuser, granting unrestricted access across the system. Users with this role can activate product licenses through email activation links. Assign only to users or service accounts that require complete, unrestricted access to all system functions and configurations.

Provides read and write access to identity and authentication functions for the selected app. Includes read-only access to logs. No access to dashboards and Strata Logging Service logs. Ideal for administrators who manage users and authentication processes.

Provides read and write access to logs, network policy configurations, and dashboards for the selected app. Includes read-only access to other functions including alerts, license quotas, devices, and tenant service group operations. Ideal for administrators who need to maintain authentication, certificates, and decryption rules. A network administrator performs the following configuration and monitoring functions:

Provides read and write access security policy configuration and dashboard functionality. This role also provides read-only access to other functions, including but not limited to alerts, license quotas, devices, and tenant service group operations. Ideal for users responsible for managing and maintaining security policies across the system. A security administrator performs the following configuration and monitoring functions: