The way you control access using Spinpanel roles is to assign roles to individual users or a group of users. This is a key concept to understand – it's how permissions are enforced. A role assignment consists of three elements: members, role permissions, and scopes.
Members can be individual users or a group of users. And a group can include specific members in a Spinpanel user or device group, an Azure security group, or a Microsoft 365 group.
Add assignments is the process of attaching a role to individual users or a group of users to grant access. Access is granted by assigning a role, and access is revoked by removing a role assignment.
You can either assign users or groups to a role by selecting the role from Roles and administrators and than clicking the Add assignments button or assign a role to an individual user by selecting a user on the Users page, choosing the Roles option and clicking the Add assignments button. We recommend always assigning roles to users through a group.
On the Roles and administrators page, roles are grouped by category by default. More information about the grouping of roles can be found below.
Currently the following categories of roles are available.
Azure Active Directory - this group contains roles for managing Azure Active Directory .
Command blocks - this group contains roles for managing and working with Spinpanel Command blocks.
Partner Center - this group contains roles for managing Partner Center settings and customers in Spinpanel portal.
Platform - this group contains roles for managing Spinpanel platform specific features, i.e. roles, groups, price plans, reports but also users.
Subscriptions and licenses - this group contains roles for managing products and subscriptions.
It is also possible to group roles by subcategory. As the same subcategory can apply to roles in different categories, this allows you to find the role your looking for from a different angle.