Support Portal User Role Matrix
Symptom
Article provides data on the User Roles and the corresponding and permissions in the Customer Support Portal (CSP).
Environment
- Customer Support Portal
- Membership Roles
Resolution
These matrices identify the membership roles and permissions in the Customer Support Portal (CSP).
Support Portal User Roles |
Super
|
Standard
|
Limited
|
Threat
|
AutoFocus
|
Group
|
Group
|
Group
|
Group
|
Bulk Registration |
Cloud
|
Domain
|
ELA
|
Credit
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Manage Company Account Information | X |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Create New User |
X |
|
|
|
|
|
|
|
|
|
|
x |
|
|
| Manage Members |
X** |
Read Only |
Read Only |
|
|
|
|
|
|
|
|
x** |
|
|
| Manage Assets **** |
X |
X |
X |
X |
X |
|
|
|
|
|
|
| ||
|
Manage Groups |
X |
|
|
|
|
|
|
|
|
|
X |
| ||
|
Case Management |
X* |
X* |
|
|
|
|
|
|
|
|
|
| ||
|
Auto Focus Portal (Subscription only) |
|
|
|
X |
X |
|
|
|
|
X |
|
| ||
|
Licensing API |
X |
|
|
|
|
|
|
|
|
|
|
| ||
|
Group Level Access |
|
|
|
|
|
|
|
|
|
|
|
| ||
|
Create New Group User |
X |
|
|
|
|
X |
|
|
|
|
X |
| ||
|
Manage Group Members |
|
|
|
|
|
X |
Read Only |
Read Only |
|
|
|
| ||
|
Manage Group Assets |
|
|
|
|
|
X |
X |
X |
X |
|
|
| ||
|
Case Management |
|
|
|
|
|
X* |
X* |
|
|
|
|
| ||
|
Auto Focus Portal (Subscription only) |
|
|
|
|
|
|
|
|
| |||||
|
Wildfire Portal |
X |
X |
X |
|
|
X |
X |
X |
X |
X |
X | X |
| |
|
Threat Vault |
X |
X |
X |
|
|
X |
X |
X |
|
|
|
| ||
|
Applipedia |
X |
X |
X |
|
|
X |
X |
X |
|
|
|
| ||
|
ELA Tokens |
X | |||||||||||||
|
Initial hub account admin |
X | |||||||||||||
|
Transfer Software NGFW/CN Tokens ***** |
|
X | ||||||||||||
| Management of Software NGFW/CN Tokens ***** | x | x | x | |||||||||||
| Linked Accounts | x | X | ||||||||||||
| Bulk Registration/History (add on to Super or Standard User) | x | |||||||||||||
|
Cloud Services *** | x | x | x | x | X |
+ When a user is assigned Limited Role, the user will not be able to create nor manage support cases for all Palo Alto Networks products. To enable a user to create and manage support cases, assign them Standard User role, which will also give these users the ability to manage assets. Cloud Product role has no effect on managing support cases.
* All users in the main CSP account and groups with Case Management visibility will be able to view each others cases. Cases are not segmented by group.
** Only a Super User with Domain Admin role can edit another user with Super User/Domain Admin roles.
*** Cloud Product Role: User with Cloud Product only role can log in to XDR. XDR roles can then be assigned to the user.
**** Manage Assets capability enables a user to manage any product in Palo Alto Networks' product portfolio.
***** Credit Admin role enables a user to fully access all Software NGFW/CN Credits features, including the ability to a) activate Software NGFW/CN Credits, and b) transfer tokens between credit pools. Super Users can access all features and activate Software NGFW/CN Credits, but cannot transfer tokens between credit pools. Standard and Limited Users can access all features but cannot activate Software NGFW/CN Credits nor transfer tokens between credit pools.
Note: User with Cloud Product role will be able to view only Cloud Assets and does not have access to Case Management. To give users access to Case Management, give them Standard User role.
| Support Portal User Roles | Super User + ELA Admin | Super User + Domain Admin |
|---|---|---|
| All Super User Permissions | X | X |
| Administer Account Linkage | X | |
| Administer Third-Party IDP | X | |
| Administer ELA Grants | X | |
| Administer ELA Tokens | X | |
Additional Information
- Super User
- Standard User
- Limited User
Configuring multiple roles is not required as the Super User Role overwrites the Standard User Role.
- Group Super User
- Group Standard User
- Group Limited User.