Support Portal User Role Matrix

Support Portal User Role Matrix

186445
Created On 09/25/18 19:38 PM - Last Modified 12/11/24 23:32 PM


Symptom


Article provides data on the User Roles and the corresponding and permissions in the Customer Support Portal (CSP).
 


Environment


  • Customer Support Portal
  • Membership Roles


Resolution


These matrices identify the membership roles and permissions in the Customer Support Portal (CSP).
 

Support Portal User Roles
Super
User
Standard
User
Limited
User +
Threat
Researcher 
AutoFocus
Trial
Role
Group
Super
User
Group
Standard
User
Group
Limited
User
Group
Threat
Researcher
Bulk Registration
Cloud
Product
Domain
Admin
ELA 
Admin
Credit
Admin

Manage Company Account Information

X

 

 

 

 

 

 

 

 

 

 

 

 

 

Create New User

X

 

 

 

 

 

 

 

 

 

 

 x

 

 

Manage Members

X**

Read Only

Read Only

 

 

 

 

 

 

 

 

x**

 

 

Manage Assets ****
X
X
X
X
X
 
 
 
 
 
 
 
 
 

Manage Groups

X
 
 
 
 
 
 
 
 
 
 
X
 
 

Case Management

X*
X*
 
 
 
 
 
 
 
 
 
 
 
 

Auto Focus Portal (Subscription only)

 
 
 
X
X
 
 
 
 
 
X
 
 
 

Licensing API

X
 
 
 
 
 
 
 
 
 
 
 
 
 

Group Level Access

 
 
 
 
 
 
 
 
 
 
 
 
 
 

Create New Group User

X
 
 
 
 
X
 
 
 
 
 
X
 
 

Manage Group Members

 
 
 
 
 
X
Read Only
Read Only
 
 
 
 
 
 

Manage Group Assets

 
 
 
 
 
X
X
X
X
 
 
 
 
 

Case Management

 
 
 
 
 
X*
X*
 
 
 
 
 
 
 

Auto Focus Portal  (Subscription only)

 
 
 
 
 
 
 
 
 
     

Wildfire Portal

X
X
X
 
 
X
X
X
X
 
X  
X
X
 

Threat Vault

X
X
X
 
 
X
X
X
 
 
 
 
 
 

Applipedia

X
X
X
 
 
X
X
X
 
 
 
 
 
 

ELA Tokens

            
X
 

Initial hub account admin

           
X
  

Transfer Software NGFW/CN Tokens *****

            
 
X
Management of Software NGFW/CN Tokensxx            
Linked Accounts          xX  
Bulk Registration/History (add on to Super or Standard User)          x    

Cloud Services ***

xxxx      X   

+ When a user is assigned Limited Role, the user will not be able to create nor manage support cases for all Palo Alto Networks products.  To enable a user to create and manage support cases, assign them Standard User role, which will also give these users the ability to manage assets.  Cloud Product role has no effect on managing support cases.
*  All users in the main account and groups with Case Management visibility will be able to view each others cases.  Cases are not segmented by group.   
** Only a Super User with Domain Admin role can edit another user with Super User/Domain Admin roles.
*** Cloud Product Role: User with Cloud Product only role can log in to XDR.  XDR roles can then be assigned to the user.
**** Manage Assets capability enables a user to manage any product in Palo Alto Networks' product portfolio.

***** Credit Admin role enables a user to fully manage all Software NGFW/CN credit pool features, including creating Deployment Profiles, registering firewalls, transferring tokens between Deployment Profiles (DP), more.  Please keep in mind Standard and Limited Users can also perform all Software NGFW/CN credit pool features, except users with these two roles do not have the ability to transfer tokens between DPs.

Note: User with Cloud Product role will be able to view only Cloud Assets and does not have access to Case Management.  To give users access to Case Management, give them Standard User role.   

Support Portal
User Roles
Super User
+
ELA Admin
Super User
+
Domain 
Admin
All Super User PermissionsXX
Administer Account Linkage 
Administer Third-Party IDP  
Administer ELA Grants X 
Administer ELA Tokens  X 
   
   



  


  

  



Additional Information


The configured users are required to have one of the following Roles.
  • Super User
  • Standard User
  • Limited User

Configuring multiple roles is not required as the Super User Role overwrites the Standard User Role.  

Similar concept applies when configuring Group Accounts. The member on the group account has to have one of the below roles.
  • Group Super User
  • Group Standard User
  • Group Limited User.
Having both Group Super User and Group Standard User is not required as the Group Super User Role overwrites the Group Standard User Role.  
 
All other roles on the Support Portal User Role Matrix are "Add On" roles for a particular product.


Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClaTCAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language