Roles
NOTE: Note on shared roles
Agari Phishing Response (APR) uses Role-Based Access Control to assign one or more roles for users to access product functionality. For APR customers who are also subscribed to Agari Phishing Defense (APD), user accounts are currently shared between the two products.
A user created in APR will also be a user in APD and vice versa, and has the same permissions in each product.
The latest APR release includes the following changes regarding user role assignments in both products:
User roles are no longer shared between APD and APR. User accounts will continue to be shared, but role assignments for users will be separated.
For new users:
Creating a user with APR-specific permissions will also create the user in APD, but without any APD-specific permissions.
Creating a user with APD-specific permissions will also create the user in APR, but without any APR-specific permissions.
For existing users, any changes to user role assignments made in one product will not be reflected in the other product.
APR Roles
This topic describes the user roles that you can assign to user accounts in Phishing Response.
Roles are hierarchical by default. That is, when you assign a user account a role, that account is also automatically assigned all roles below the selected role, and you can manually choose to keep or remove these role assignments.
The following table lists the available roles.
Role | Description |
---|---|
Administrator Roles | |
Affiliate Administrator | By default includes permissions of all user roles unless any or all of those roles are specifically deselected. In addition, an affiliate administrator can switch from a parent organization to a child organization that they own. |
Organization Administrator | By default includes permissions of all user roles unless any or all of those roles are specifically deselected. In addition, an organization administrator can manage all APR settings. |
User Administrator | By default includes permissions of all user roles unless any or all of those roles are specifically deselected. In addition, a user administrator can create and edit users. |
User Roles | |
Affiliate User | By default has all permissions of a read-only user, unless the read-only role is specifically unselected. In addition, an auditing user can switch between parent and child organizations. |
Auditing User | By default has all permissions of a read-only user, unless the read-only role is specifically unselected. In addition, an auditing user can view and search logs. Audit logs are not available from Phishing Response, but some audit logging can be accessed using Phishing Defense. For more information, see the section Audit Trail in Chapter 7 of the Phishing Defense Admin Guide. |
Analyst | Can act on investigations, for example: tagging, closing, sending an email from the investigation, or changing the state of an investigation. An analyst cannot carry out enforcement, change org-level settings like MS Graph, or add new tag names. |
Read-only User | Can search and view data in Phishing Response, but cannot make changes or edits anywhere. |