User Guides

User and Group Management

7min

Hexiosec ASM provides two levels of user management, Organisation Roles and Group Roles:

  • Organisation Roles: what a user can do within your organisation
  • Group Roles: what a user can do within a specific scan group

See Organisation and Group Roles for more information on the roles available.

Adding new people to your organisation

You can add a new person to your organisation via the three dots at the top of organisation on the main scan page.

Three dots highlighted on top right of the organisation pane
Organisation Management


When you invite the new person, you will need to assign them an organisation role and you can add them to scan groups with the permissions then need for that scan group. This can also be done by the owner or an admin after they have accepted the invite. They will only be able to see the scans in the scan groups that they are added to.

It is a good idea to add them to a scan group as part of the invite, this allows them access to the scans as soon as they accept their invite. You also have the option of creating a new group to add them to, you will automatically be added as the administrator of that group.

It is recommended that multi-factor authentication (MFA) is used by everyone in your organisation, there is guidance is available for MFA and session expiry. This can be set up by the person after they have accepted the invite.

Managing Organisation and Group roles

If you would like to manage organisation and group roles for everyone in your organisation, this can be done from the Users page for an organisation. On the Users page you can search for people and manage their organisation role (the edit icon), or the groups they can access (the people icon). They can also be deleted from the organisation if they no longer need access.

Username followed by email, organisation role, MFA status, and list of groups they are a member of. User can also be deleted.
Users View


It's a good idea to periodically review who has access in case people have changed roles or left the organisation and need to be removed.

When managing the groups a person is a member of, you will be presented with a new window where groups can be added or removed, and group permissions amended.

List of groups the person is a member of, alongside their role and the option to remove them from the group. They can also be added to another scan group, or a new scan group created.
Managing a person's scan group membership


Managing Group roles

Groups roles can be managed from the settings (the cog icon) for a specific scan group.

Scan group name with the cog on the right hand side showing settings option
Managing roles in a scan group


The scan group can be renamed here, or deleted. The link on the Edit Group page will take you to the Users page described in the section above, where you can manage the groups roles for each person.

When creating a new group within Hexiosec ASM, you will need to use the Users management page to add users to that group before they can see it. You will be automatically added as an administrator.

Managing Groups for multiple people

This can be done from an Organisation's Users page. Use the checkboxes to select the people you would like to add or remove from a group. At the top of the page you will then be able to select to edit them to 'Manage Groups'.

To be able to add or remove multiple people from groups, they must either, all not be in the group (for adding), or all be in the group (for removing)

If you need to give some people separate permissions, such as one person being an admin for the group, then they will need to be added to that group individually.

Updated 10 Dec 2024
PREVIOUS
User Guides
NEXT
Organisation and Group Roles
Docs powered by Archbee