Add System Users - Role Based Access
ScoutDNS supports Role Based Access allowing multiple operators within a single account to access the system.
Roles
There are three possible roles in any account.
Super Admin: One per account. Can create and remove and users. Has access to create, edit, and view all objects
Admin: Can create and remove all users accept Super Admin. Has access to create, edit, and view all objects
Service Desk: Can edit Allow/Block lists and has Viewer rights to all objects. Cannot edit or create other objects.
Viewer: Cannot create or remove users. Has access to view only all objects.
Only the Super Admin and Admin levels can access billing and support tickets.
Create New Operator Account
To create a new operator account in the access management page, simply select "New". You may then input an email address, first and last name, as well as select the role level desired. If an email is associated to an existing operator account within our system, they will now be linked/associated to your account with the role selected. If the email has never been used with ScoutDNS, a new account is created with the selected role level.
Important: Once you have created or linked an existing operator account, you will no longer be able to edit the user details. Only operators themselves can edit their name or email information. You are still able to change role or revoke access to the account at any time.
Revoke Access
Any Ad
Change Super Admin Account
Only the Super Admin can transfer the Super Admin role to an existing Admin account by selecting "Promote New Super Admin" at top of the Access Management page. Once an existing Admin is selected to assume the role, the existing Super Admin will be downgraded to Admin. The account can remain as Admin or access can be revoked.
Related Articles
Configure AD (Active Directory) Polices
ScoutDNS supports policy by user groups as synced from Active Directory. This can be helpful when admins desire policy decisions to follow the user regardless of the device and device profile in use. This guide walks through how ScoutDNS performs the ...Prevent DNS Work-Around for Users
Some users on your network may try to bypass ScoutDNS resolvers by changing the DNS servers in their device network settings when allowed. This can result in undesired content access on network assets along with increased security risk. The good news ...API Access
API access is available to certain account types. API access gives admins the ability to self manage API tokens for access to the standard ScoutDNS Operator API. This help article is about the public operator API. For any other API access such as the ...Organizations - Configuration and Management of Multi-Tenant Use
ScoutDNS provides two levels of tenancy. The primary inherent level allows any operator to be a member of any number of accounts and could have different roles depending on each account setting. The second level enabled though the Organizations tab ...Single Sign On (SSO) Configuration - Entra ID
Entra ID SSO Enabling Single Sign On (SSO), allows admins to manage access for their instance through Entra ID SSO. ScoutDNS uses the Open ID Connect (OIDC) protocol for secure commination with Entra ID. SSO will disable all existing ScoutDNS ...