Manage Users and Roles
Manage team members and control their access levels in your Spyderbat organization.
Organization Admins can manage team members and their access levels from the Admin section of the Spyderbat Console, located at the bottom of the left-hand navigation panel.
Only users with the Admin role can see the Admin section and manage other users.
Adding a user
Navigate to Admin > Organization Management.
Enter the user's email address.
Select a role from the Roles drop-down.
Click Add User.
The user appears in the Accounts list and receives an email invitation to join your organization.
Removing a user
Removing a user revokes their access to your organization. It does not delete their account — user accounts belong to the individual and can be members of multiple organizations.
In Admin > User Management, hover over the user's row.
Click the delete icon.
Confirm the removal.
Removed users do not receive a notification email. If they have an active session, they are immediately logged out.
Changing a user's role
In Admin > Organization Management, find the user in the Accounts list.
Click the Roles drop-down on that user's row.
Select the new role.
Deselect the old role.
Click Save.
If you don't deselect the old role, the user has both roles assigned. The higher-permission role applies, which may grant more access than intended.
Roles and permissions
Spyderbat has five organization-level roles. The table below summarizes what each role can access:
Capability
Admin
Power User
Non-API User
Agent Deployment
Read Only
Organization and user management
Full access
No access
No access
No access
No access
Source management and agent installation
Full access
Full access
Full access
View and add
View only
Agent health monitoring
Full access
Full access
Full access
View only
View only
Dashboards (view and create)
Full access
Full access
Full access
No access
View only
Search queries
Full access
Full access
Full access
No access
View only
Investigations (process and K8s)
Full access
Full access
Full access
No access
View only
Notification setup
Full access
No access
No access
No access
No access
Guardian policy management
Full access
Full access
Full access
No access
View only
API key creation
Full access
Full access
No access
Full access
No access
Admin
Full access to all console features. Admins can invite and remove users, change roles, manage sources, configure notifications, and perform all investigative and administrative actions.
Limit the number of Admin users in your organization. One or two Admins is typically sufficient.
Power User
Full access to all console features except organization and user management. Power Users can manage sources, create dashboards, run searches, conduct investigations, and create API keys.
Non-API User
Same access as Power User but cannot create API keys. Use this role for team members who need full console access without programmatic API access.
Agent Deployment
A limited role for onboarding engineers responsible for installing Spyderbat Nano Agents. These users can view and add sources, access agent install scripts, and monitor agent health. They cannot access dashboards, search, or investigations.
Read Only
View-only access to most console features — dashboards, sources, agent health, investigations, and search. Read Only users cannot modify data (e.g., rename sources, archive machines) and cannot access the Admin section.
Last updated
Was this helpful?