Last updated on June 16, 2025
Administrator Roles is a Role-Based Access Control (RBAC) feature within the Rublon Admin Console that allows assigning administrative roles with varying privileges. Roles allow Owners to delegate specific tasks (like managing applications) to administrators while ensuring these administrators only have the administrative rights needed to perform their job.
For example, the Application Manager role can view and add new applications but cannot add new users or view billing information. Roles enable restrictions of this kind to prevent administrators from accessing information or performing actions that do not pertain to them.
Administrator Roles
Each administrator in the Administrators tab can have one of the following roles assigned to them:
- Owner – Administrators with the Owner role can view and manage all tabs in the Rublon Admin Console.
- Administrator – The Administrator can perform almost all actions in the Rublon Admin Console except for managing other administrators. In addition, Administrators cannot view and manage billing information in the Billing tab.
- Application Manager – The Application Manager role allows to view and manage applications, view logs, view policies, and export logs.
- User Manager – The User Manager administrators can view and manage users, phones, WebAuthn & U2F security keys, and logs. Administrators with the User Manager role can also view (but not manage) policies.
- Help Desk – Administrators with the Help Desk role can edit users (but not change user status), send Enrollment Emails to a single user, manage phones, WebAuthn & U2F security keys, and export logs. They can also view (but not manage) applications and settings. The Help Desk role cannot add, import, or delete users.
- Billing – The Billing role can view and manage billing information (increase the number of protected users, buy phone credits, change the card, change invoice details). This role can also view the Dashboard, but the information displayed in that tab is heavily limited.
- Read Only – The Read Only role allows administrators to view applications, users, phones, policies, WebAuthn & U2F security keys, and authentication logs. However, administrators with the Read Only role cannot modify any of that information. The Read Only role can also export authentication logs.
In addition to the preceding, only Owners and Administrators can receive system messages (e.g., user approval requests) on their emails.

Administrator Role Privileges Table
Refer to the following table for a quick overview of the privileges of each Administrator Role.
Owner | Administrator | Application Manager | User Manager | Help Desk | Billing | Read Only | |
View Dashboard | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
View Applications | ✔ | ✔ | ✔ | ✔ | ✔ | ||
Manage Applications | ✔ | ✔ | ✔ | ||||
View Users | ✔ | ✔ | ✔ | ✔ | ✔ | ||
Manage Users | ✔ | ✔ | ✔ | ✔ | |||
View & Manage Directory Sync | ✔ | ✔ | ✔ | ||||
View Groups | ✔ | ✔ | ✔ | ✔ | ✔ | ||
Manage Groups | ✔ | ✔ | ✔ | ||||
View Policies | ✔ | ✔ | ✔ | ✔ | ✔ | ||
Manage Policies | ✔ | ✔ | |||||
View Phones | ✔ | ✔ | ✔ | ✔ | ✔ | ||
Manage Phones | ✔ | ✔ | ✔ | ✔ | |||
View Remembered Devices | ✔ | ✔ | ✔ | ✔ | ✔ | ||
Manage Remembered Devices | ✔ | ✔ | ✔ | ||||
View WebAuthn & U2F | ✔ | ✔ | ✔ | ✔ | ✔ | ||
Manage WebAuthn & U2F | ✔ | ✔ | ✔ | ✔ | |||
View Authentications | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
View Audit Logs | ✔ | ✔ | |||||
Export Audit Logs | ✔ | ✔ | |||||
View Authentication Logs | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
Export Authentication Logs | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
View & Manage Phone Logs | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
View Administrators | ✔ | ✔ | |||||
Manage Administrators | ✔ | ||||||
View & Manage Administrative Units | ✔ | ||||||
View & Manage Admin Sign-in Settings | ✔ | ||||||
View Settings | ✔ | ✔ | ✔ | ||||
Manage Settings | ✔ | ✔ | |||||
View & Manage Billing | ✔ | ✔ | |||||
Receive System Messages | ✔ | ✔ |
How to assign a role
Note
Only administrators with the Owner role can assign administrative roles.
Creating a new administrator
If you want to create a new administrator account and assign a specific role to it, refer to How to add admin.
Changing an existing administrator
1. Sign in to the Rublon Admin Console.
2. Select the Administrators tab.
3. Click the username of the administrator whose role you wish to change.
4. In Role, select the role you want and click Save for the changes to take effect.
Troubleshooting
If you encounter any issues with your Rublon integration, please contact Rublon Support.