You can add additional administrators to your organisation. The new administrators can be assigned a range of different roles. In addition to the administrator role, which has all existing rights, there are options to assign support staff, content manager, user manager or device manager roles. It is also possible to assign several roles at once. Additionally, you can also assign a role that has read access only.
Note! This feature is only available for customers with a Pro or Enterprise subscription. Customers without Pro or Enterprise subscription cannot add more administrators.
Aim
In this How-To article we’ll show you how you can create additional administrators for your organisation.
Implementation
Creating new administrators
- In the Cortado MDM administration portal, open Administration→ Administrators.
- Then click on the Plus button above left (arrow in illus.).
- Enter the email address of the new administrator (example in illus.).
- Select the language in which the new admin should receive the welcome email (German or English).
- If you are dealing with multiple organisations, select the desired organisation here.
- You can also generate an API key for accessing the Cortado MDM API here. You can find more information about this in our article How to access the Cortado MDM API.
- Specify which role(s) the new administrator should receive (example in illus.).
Note! You can also select several roles. You could, for example, assign the roles Content Manager and User Manager to a new admin. This would allow the new admin to make changes in both of these areas and to have read access in the other areas. You will find an overview of all permissions at the end of this article.
- Click on OK to confirm your entries.
- Next, a Cortado account must be set up for the newly created administrator. For the registration, either use the link in the next window or,
- Send the new administrator a welcome email with the registration link.
- To do so, select the administrator in the left column (left arrow in illus.) and then click on Send email invitation (right arrow in illus.).
Privileges of the individual roles
The administrator has full access to all areas (read and write rights). The read-only admin has read rights in all areas. The following provides an overview of all privileges of the individual roles:
Groups
| Administrator | Support Agent | Content Manager | Device Manager | User Manager | Read only access |
Actions | • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
Settings | • |
|
|
| • |
|
Policies | • |
|
| • |
|
|
| • |
|
| • |
|
|
Profiles | • |
|
| • |
|
|
| • |
|
| • |
|
|
Apps | • |
| • |
|
|
|
| • |
| • |
|
|
|
Files | • |
| • |
|
|
|
| • |
| • |
|
|
|
Users
| Administrator | Support Agent | Content Manager | Device Manager | User Manager | Read only access |
Actions | • |
|
|
| • |
|
| • |
|
|
| • |
|
| • | • |
|
| • |
|
| • |
|
|
| • |
|
| • |
|
|
| • |
|
| • |
|
|
| • |
|
| • |
|
|
| • |
|
Settings | • |
|
|
| • |
|
Devices | • |
|
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
Policies | • | • |
| • |
|
|
| • | • |
| • |
|
|
Profiles | • | • |
| • |
|
|
| • | • |
| • |
|
|
Apps | • | • | • |
|
|
|
| • | • | • |
|
|
|
- Assign App Store accounts
| • | • | • |
|
|
|
- Unassign App Store accounts
| • | • | • |
|
|
|
| • | • | • |
|
|
|
- Add managed configurations
| • | • | • |
|
|
|
- Remove managed configurations
| • | • | • |
|
|
|
Files | • |
| • |
|
|
|
| • |
| • |
|
|
|
Devices
| Administrator | Support Agent | Content Manager | Device Manager | User Manager | Read only access |
Actions | • |
|
| • |
|
|
| • |
|
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
Details | • | • | • | • | • | • |
| • |
|
| • |
|
|
| • |
|
| • |
|
|
Apps | • | • | • | • | • | • |
Policies | • | • |
| • |
|
|
| • | • |
| • |
|
|
Profiles | • | • |
| • |
|
|
| • | • |
| • |
|
|
MDM States | • | • | • | • | • | • |
| • | • |
| • |
|
|
Policies
| Administrator | Support Agent | Content Manager | Device Manager | User Manager | Read only access |
Actions | • |
|
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • |
|
| • |
|
|
| • |
|
| • |
|
|
Profiles
| Administrator | Support Agent | Content Manager | Device Manager | User Manager | Read only access |
Actions | • |
|
| • |
|
|
| • | • |
| • |
|
|
| • | • |
| • |
|
|
| • |
|
| • |
|
|
| • |
|
| • |
|
|
Apps
| Administrator | Support Agent | Content Manager | Device Manager | User Manager | Read only access |
Actions | • |
| • |
|
|
|
| • | • | • |
|
|
|
| • | • | • |
|
|
|
| • |
| • |
|
|
|
| • |
| • |
|
|
|
- Rollout on assigned users
| • | • | • |
|
|
|
| • | • | • |
|
|
|
Details - Configure permissions/managed configurations
| • |
|
|
|
|
|
App Store Accounts | • |
| • |
|
|
|
| • |
| • |
|
|
|
| • |
| • |
|
|
|
| • |
| • |
|
|
|
| • |
| • |
|
|
|
| • | • | • |
|
|
|
| • | • | • |
|
|
|
Managed Configurations | • |
| • |
|
|
|
| • |
| • |
|
|
|
| • |
| • |
|
|
|
| • | • | • |
|
|
|
| • | • | • |
|
|
|
Files
| Administrator | Support Agent | Content Manager | Device Manager | User Manager | Read only access |
Actions | • |
| • |
|
|
|
| • | • | • |
|
|
|
| • | • | • |
|
|
|
| • |
| • |
|
|
|
| • |
| • |
|
|
|
Reports
| Administrator | Support Agent | Content Manager | Device Manager | User Manager | Read only access |
Filter data | • | • | • | • | • | • |
Settings
| Administrator | Support Agent | Content Manager | Device Manager | User Manager | Read only access |
General | • |
|
|
|
|
|
Android Enterprise | • |
|
|
|
|
|
- Configure Android NFC App
| • |
|
|
|
|
|
- Configure Android Managed Device
| • |
|
|
|
|
|
- Unenroll Android Enterprise
| • |
|
|
|
|
|
- Zero-touch Enrollment Portal
| • |
|
|
|
|
|
- KNOX Mobile Enrollment Console
| • |
|
|
|
|
|
Apple Push Certificate- Generate certificate request
| • |
|
|
|
|
|
- Renew Apple Push certificate
| • |
|
|
|
|
|
- Download certificate request
| • |
|
|
|
|
|
- Upload Apple Push certificate
| • |
|
|
|
|
|
- Export Apple Push certificate
| • |
|
|
|
|
|
- Import Apple Push certificate
| • |
|
|
|
|
|
Apple automated device enrollment | • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
Administrators
| Administrator | Support Agent | Content Manager | Device Manager | User Manager | Read only access |
Actions | • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
| • |
|
|
|
|
|
Details | • |
|
|
|
|
|