- About the Tenant Context
- Searching for Resources in a Tenant
- Managing Robots
- Connecting Robots to Orchestrator
- Storing Robot Credentials in CyberArk
- Storing Unattended Robot Passwords in Azure Key Vault (read-only)
- Storing Unattended Robot Credentials in HashiCorp Vault (read-only)
- Storing Unattended Robot Credentials in AWS Secrets Manager (read Only)
- Deleting Disconnected and Unresponsive Unattended Sessions
- Robot Authentication
- Robot Authentication With Client Credentials
- Audit
- Settings
Configuring Access for Accounts
Overview
As an administrator, you can configure fine-grained tenant or folder permissions for accounts that already exist at the organization level, via Orchestrator, by assigning them to folders or tenants in Orchestrator. An account gets the permissions required to perform particular operations in a folder or tenant through one or more roles.
You can use groups to simplify account management, as groups allow you to manage accounts with similar needs together.
Adding Accounts to a Tenant
To give tenant access to accounts or groups, follow these steps:
- Go to Tenant > Manage Access. The Manage Access page is displayed.
- Click Assign roles > User/Robot Account/Group to add a new account in the tenant. The Assign roles window is displayed.
- In the Search for user/robot account/group drop-down, search for the object you want to add.
- Under Roles, select the role(s) for this object.
- Click Assign. The selected object can access tenant resources according to its role.
Adding Accounts to a Folder
To give folder access to accounts or groups, follow these steps:
- Go to Tenant > Folders. The Folders page is displayed.
- From the Folders page, in the Manage Folders pane, click the folder you want to manage. The folder and its contents are displayed on the right-hand dashboard.
- Click Assign Accounts/Group to add a new account or group in the folder. The Assign Account/Group window is displayed.
- In the Account, group, or external app drop-down, search for the object you want to add.
- Under The Roles for the account/group selected above, select the role(s) for this object.
- Click Assign. The selected object is now in the folder and can access it according to its role.
Removing Account Assignments
Unassigning Accounts From a Tenant
To remove tenant access for accounts or groups, follow these steps:
- Go to Tenant > Manage Access. The Manage Access page is displayed.
- Click More Actions > Unassign for the account you want to remove from the tenant. A confirmation window is displayed.
- Click Yes to confirm. The removed account or group is removed and loses access to the tenant.## Removing folder access
Unassigning Accounts From a Folder
To remove folder access for accounts or groups, follow these steps: