Skip to main content

Cyware Situational Awareness Platform

Create Custom Roles

Root admins can create custom privileged user roles in the Analyst Portal as required.

Before you Start

  • Ensure that you have the View and Create or Update permissions for the Roles and Permissions module.

  • If SAML 2.0 authentication method is activated for you, ensure that you have the SAML group name.

Steps

To create a custom role, follow these steps:

  1. Go to Administration > User Management > Roles and Permissions.

  2. Click Create Role and use the following information to enter the details:

    • Enter a name for the role. For example, L1 Security Analyst

    • SAML Group Name: If SAML 2.0 authentication method is enabled, this field becomes applicable. To onboard new analyst users and authorize SAML-authenticated users during every sign-in attempt, you can map SAML IdP groups with Collaborate's user roles. If an exact match for the role is found, then the users are granted permissions within the application, as defined by the external identity provider (SAML user group) and Collaborate's access permissions. If no user roles are configured, the default user role from the SAML authentication configuration will be automatically assigned. To configure the group attribute and the default user role, see Configure SAML 2.0 as the Authentication Method.

      • Enter the SAML user group name. You can add multiple user groups as a comma-separated list. The SAML User Group field is pre-filled based on your user group's name. However, you can modify SAML group names to match your IdP group names. After entering the group name, click outside the field to enable the Update button.

        When you map multiple user groups to a user group in a Cyware application, the SAML assertion will check the group permissions in sequence from the start of the list and provide access based on the role group that first meets the mapping criteria. 

    • Select the permissions that you want to assign to the role. For example, you can assign View, Create, and Update permissions for the Category module.

    • Set the role as Active. Inactive roles cannot be assigned to users.

  3. Click Create Role.