Full Role Based Access Control (RBAC) is possible in Eido, and is built using a combination of “Team members” (Eido users) and “Roles”

Users of Eido are created within Teams and must exist in Entra to be able to connect to Eido

To add a user from Entra to Eido they need to be linked by an Eido admin. To add an Entra User, navigate to Admin > Teams then click “New User”. They will need:

- Name – the users name

- Email – the email address that login details are to be sent to

- Customer – only appears if you have MSP mode enabled, allows you to specify which Customer(s) a user will be able to see data relating to within Eido. Useful for granting users from your individual customers access to Eido to only their data or for restricting helpdesk users access to specific customers. Remember Customers can be linked to one or more Intune tenants (see Customers elsewhere in this documentation)

- Role – the role that the user is to be granted. Roles dictate the things a user can see and take action over

Eido ships with 2 built in roles and allows you to create custom ones

The built in roles are:

· Read All Devices – users with this role can see all the pages of Eido apart from admin pages (those under the Admin section at the bottom of the nav bar)

· Admin – can access all areas of the product and make changes, including to admin pages

Custom roles can be created allowing more granularity.

You start by specifying whether to create an Admin or Standard type of user. Admin users can access all areas of the product and make changes, including to admin pages. Standard users can see all the pages of Eido apart from admin pages (those under the Admin section at the bottom of the nav bar). You are also given the option to only allow this role to view specific Customers (if using the MSP version of Eido), allowing you to create roles for your end customers to see only data from their Intune tenants or allowing support team members access to administer specific customers only.