Prisma Access
Create a Tenant-Level Administrative User
Table of Contents
Create a Tenant-Level Administrative User
| Where Can I Use This? | What Do I Need? |
|---|---|
|
|
You should create an administrative user for
each tenant. In that way, a tenant-level administrator can view
and make changes to their tenant configuration but doesn’t have
access to other tenants. To create an administrative user for a specific
tenant, complete the following task. For more information about
role-based access control (RBAC) for tenant-level administrative
users, see Control Role-Based Access for Tenant-Level Administrative Users.
Users
who manage single tenants cannot see the system logs because the choice
is not available. This limitation applies to all Administrators
who have an administrative role of Device Group and Template.
Only superusers can view system logs in multitenancy mode.
- Create an administrative role with a type of Device Group and Template.
- Select .Add an Admin Role Profile with a Role of Device Group and Template.Click OK.You can create a single Admin Role Profile and share it across multiple tenants; however, you must create a separate administrator for each tenant.While you tailor the administrative role for the needs of your organization, we recommend deselecting Commit for Other Admins. Deselecting this choice allows a tenant-level user to commit only the changes they have made, and prevents them from unintentionally committing other changes that other tenant-level administrative users have made that are not yet committed.
![]()
Create and configure an Administrator for the tenant.- Select .Add an Administrator.Enter and confirm a Password for the new Administrator.Specify an Administrator Type of Device Group and Template Admin.Specify the Access Domain that is associated with the device groups for that tenant.
