User roles
User roles ensure that ConductorOne users have the correct permissions — and only those permissions — needed to perform assigned tasks.
Change a user’s role
Change a user’s role if their responsibilities in ConductorOne change. Some users might need temporary access to an elevated permission set, such as while running an access review campaign.
You must be a Super Administrator to change or add user roles.
- In the navigation panel, click Users.
- Click on the name of the user whose role you want to change.
- From the Actions menu, select Change Role.
- Select one or more user roles to assign to the user.
- Click Save.
Roles and their permissions
ConductorOne’s user roles let you assign users permissions tailored to the work they do in the software.
| Permission | Basic User | Campaign Administrator | Integration Administrator | Super Administrator |
|---|---|---|---|---|
| View dashboard | Yes | Yes | Yes | Yes |
| Approve / deny access reviews | Yes, if assigned task | Yes | Yes | Yes |
| Create campaigns | - | Yes | - | Yes |
| Create and manage campaigns | - | Yes | - | Yes |
| Manage tasks for campaigns | - | Yes | - | Yes |
| Reassign tasks | Yes, if allowed by policy | Yes | Yes | Yes |
| View integrations | Yes | Yes | ||
| Manage integrations | - | - | Yes | Yes |
| Manage applications | - | - | - | Yes |
| Manage users | - | - | - | Yes |
The Campaign Administrator must also be the Campaign Owner. When creating a Campaign the Admin can include additional Admin as owners of the Campaign.