Modules
RBAC and customer portal
Manage system roles, custom roles, granular permissions and customer portal access.
Purpose
RBAC gives just enough access to owners, admins, operators, consultants, viewers and customer portal users.
Practical workflow
Create system roles for stable responsibilities and custom roles for customer-specific needs such as security auditor, ROI consultant or portal viewer.
Controls and validation
Review permissions such as portal.read, reports.read, reports.export, audit.read, users.manage, settings.manage, roles.manage, alerts.manage and retention.manage.
Security and compliance
Customer portal users must only see their own customer scope. They should never access MSP internals, secrets or other customers.
Common mistakes
Avoid vague roles with broad write permissions. Review users regularly and remove stale access.