Administrative roles control what you can view and manage in the Cloud Administration Console for the Cloud Authentication Service. For example, roles affect the management of identity routers, access policies, and user devices. Each administrator is assigned an administrative role with specific privileges. The Cloud Administration Console supports two administrative roles:
- Super Admin
- Help Desk Admin
Note: Administrators for the Cloud Administration Console can manage identity routers and settings in the Cloud Authentication Service. These administrators can manage settings in RSA Authentication Manager only if they are added to Authentication Manager with administrative roles.
Super Admins have unrestricted privileges in the Cloud Administration Console, including the ability to add or edit other administrators. Super Admins are responsible for setting up RSA SecurID Access for the first time, then maintaining, updating, and troubleshooting the deployment as necessary.
RSA creates one initial Super Admin account in the Cloud Administration Console and provides the associated username and password in an email message. Use this account to add new administrators. RSA recommends that you add multiple Super Admins so that if one Super Admin account needs a password reset, another Super Admin can access the account and change the password.
Help Desk Administrators
Help Desk Admins for the Cloud Administration Console assist users who authenticate with the Cloud Authentication Service. Help Desk Admins have the following privileges in the Cloud Administration Console.
|Authenticate devices, FIDO Token, known browsers||X||X|
|My Profile (including change own password)||X||X|
|Unlock RSA SecurID Authenticate Tokencode||X||X|
|User Event Monitor (run reports to troubleshoot user problems)||X|
Help Desk Admins can also run reports on the Users > Reports page.
Note: Super Admins can reset passwords for Help Desk Admins, and Help Desk Admins can reset their own passwords, but Help Desk Admins cannot reset passwords for other Help Desk Admins.