Manage Roles
When your organization purchases Cortex XDR,
the Account Administrator can use the Palo Alto Networks hub to
assign roles to other members that have accounts in the Customer
Support Portal.
To activate Cortex XDR apps, you must be assigned
either the Account Administrator or App Administrator role for Cortex
XDR. If you are activating
a new Cortex Data Lake instance you must also be assigned either
administrative role for Cortex Data Lake.
After activation,
Account Administrators can assign additional users roles to manage
your apps. If the user only needs to manage a specific instance
of an app, you can assign the Instance Administrator role.
To
assign the roles, Account Administrators (or users that are assigned
the App Administrator for the relevant app) can take the following
steps:
- If necessary, add a new Customer Support Portal user.To be eligible for role assignment in Palo Alto Networks hub, the user must have an account in the Customer Support Portal (https://support.paloaltonetworks.com/) and be assigned any of the following Customer Support Portal roles: Super User, Standard User, or Limited User. Skip this step if the user already has a Customer Support Portal account with an appropriate role.
- Manage the level of access for a Cortex user.
- Log in to the hub and select.
Manage Roles - Use the sidebar to filter users as needed or the search field to search for users.
- Select one or more users and thenAssign Roles.
- For each app, select either theApp Administratorrole to provide full access toAll InstancesorInstance Administratorto provide access only for specific app instances.If you assign the user theAccount Administratorrole, then you cannot assign the user any other more granular role. To assign more granular Administrative Roles,Remove Account Administratorrole, then assign the desired granularROLEforAll Instancesof an app or for a specific app instance.
- Saveand then clickYesto confirm the assignment, and you're done.