End-of-Life (EoL)

Define a Role

Follow these steps to define a new role in Cortex XSOAR.
Cortex XSOAR comes with three roles with default permissions. You can add as many new roles and combine them with other roles, such as single sign on.
  1. In the
    Roles
    tab, click
    New
    .
  2. In the
    Role name
    field, type the name for the new role.
  3. Select the category permissions.
    Component
    Description
    Investigations
    Sets the permission level generally for investigations or set different permission levels for data and chats. You can also limit the role to exclude executing potential harmful actions when building your own integrations.
    Incident table actions
    Limits table actions in the
    Incidents
    page, such as delete, edit, close and so on.
    Jobs
    Limits permissions for managing jobs.
    Scripts
    Limits permissions for managing scripts. If the user has read/write permissions you can enable users to create scripts that run as a Super User.
    In the
    Script
    page, you can define which roles are permitted to run an automation, and according to which role the automation executes.
    Playbooks
    Limits permissions for creating, editing and deleting Playbooks.
    You can also add, change, and remove roles from a playbook when clicking
    Settings
    in the
    Playbooks
    page.There are several notes and limitations you should familiarize yourself with when assigning roles to playbooks.
    Settings
    You can set the permission level generally for all settings or split them according to the following:
    Users
    : includes invitations and editing permissions.
    Integrations
    : whether a user can add, edit or delete instances.
    Credentials
    : whether a user can add, edit, or delete credentials.
    Administration
    Limits permissions for server configurations, editing layouts for indicators and incidents, integration permissions, audit trails and the password policy.
  4. In the
    Page Access
    section, select the pages you want the user to have access.
  5. To assign the role to an active directory group, in the
    AD Roles Mapping
    section, from the drop down list, select the group as required.
  6. To assign a role to a single sign on group, in the
    SAML Roles Mapping
    section, from the drop down list, select the group as required.
    To associate roles to an AD or SAML group, you need to add a SAML instance and configure your identity provider.
    Users can log into Cortex XSOAR with their Active Directory or SAML user name and passwords. Their permission in Cortex XSOAR is set according to the groups and mapping set in Active Directory or SSO. For more information, Authenticate Users with SAML 2.0.
  7. If you want to associate the role with another role, in the
    Nested Roles
    section, from the drop down list, select the nested role, as required.
    The
    Nested Role
    overrides any settings you select in the
    Roles
    tab.
  8. To add a shift period of work to the role, in the
    Shifts
    field, click
    + Add Shift
    and define the required period.
    Weekly shifts start on Sunday and specified in the UTC time zone.
  9. Click
    Save
    .

Recommended For You