In this article:
If you are a SecurityScorecard administrator, use this guidance to manage user access and permissions in the platform.
Know if you are an administrator
If you are not sure whether you are an administrator:
- Click the avatar for your user profile in the upper-right corner of the platform, and then select My Settings.
- In the Settings panel, look for an Admin Settings section. If you see it, you are an administrator.
Grant and change user permission
- How Guest access works with Atlas questionnaires
- Grant permissions manually
- Grant permission automatically
As an admin, are responsible for granting user access to your organization's Scorecard account. You also can also assign and change all access levels for all users:
| This permission level... | Can do this... |
|
Administrator |
|
| User |
|
| Read-Only (only available with a paid plan) |
|
| Guest |
|
How Guest access works with Atlas questionnaires
If an Atlas user sends a questionnaire to an email address that is not associated with a SecurityScorecard user account, but the recipient's domain has a SecurityScorecard subscription and administrator, that recipient can automatically gain Guest permissions.
Note: If the Atlas user generates a questionnaire using the Create Link option, instead of emailing the recipient directly from Atlas, the recipient will need to create a SecurityScorecard account and have their own SecurityScorecard administrator grant them access. Also, if, when testing this workflow, you as the Sender attempt to send to an aliased email address, this workflow will not apply, you will need to send to an actual user different from yourself.
Grant permissions manually
- Click the Access Requests tab under Admin Settings.
- For any listed requester, and click Add to grant permission. Otherwise, click Ignore.
- Enter information about the user and set their access permission. Then, click Add.
Requesters who are granted permission receive an email invitation to set up an account. Ignored requesters do not receive any notification.
As an administrator, you also can change a user’s permission level:
- Click the Users tab under Admin Settings.
- On the displayed list, click Edit for the person whose permissions you want to change.
- Select a new permission in the displayed form. Then, click Save Changes.
Grant permission automatically
Use automatic settings for granting permission based on specific conditions so that:
- You can save time by limiting how often you have to grant permissions manually.
- Requesters whom you are likely to accept do not have to wait for permission to access the platform. For example, if you have sent a questionnaire to a potential vendor who does not have a SecurityScorecard account, you can expedite the vetting process by giving them immediate access, so they that they respond to the questionnaire.
To set automatic permissions:
- Click the Access Requests under Admin Settings.
- Click Settings on the Access Requests page.
- Select a condition for automatically granting permission from the displayed list. Then, click Close.
- Note that when guest access is provided, the guest won't necessarily have an email that is attributed to your company, but will still be provided guest access regardless of the statement "For new users with an email attributed to this company...". The guest access is an exception to this behaviour.
The receiver will get an email similar to the following:
When the receiver clicks the Call to Action ("Complete Account Creation") , they will be taken to a browser window that will allow them to set their password, then they will be auto-directed to the questionnaire:
