There are six types of user roles available, each with their own permission levels for available actions. The roles are specified on the Create/Edit User screen.
Administrator — Users with this permission level control the highest-level security and account settings and have access to all IT Glue data. We recommend that most teams have only a couple of Administrators. The first user to start a new account is given an Administrator role. Administrators added subsequently can change the role of the first user if needed.
Manager — Managers can manage users and handle most administrative tasks, plus create, edit, and delete data within the organizations that they have permission to access. Certain destructive actions (i.e. permanently deleting data) are permitted.
Editor — Editors can create, edit, and delete data within the organizations that they have permission to access, plus set asset permissions, controlling which other users have access to that asset.
Creator — Creators can create and edit data within the organizations that they have permission to access, plus set asset permissions, controlling which other users have access to that asset.
Read-only — Users with this permission level can only view data within the organizations that they have permission to access. This role is read-only.
Lite — Users with this permission level can only view data within the organizations that they have permission to access. This role is read-only and is only allowed access to up to five organizations/sub-organizations. This role is ideal for clients you invite to your account.
For reference, the table below summarizes the different permission levels:
Comparing Manager and Administrator roles
Here's a quick overview of the Manager and Administrator roles.
Managers
Managers can perform these administrative actions in the account:
Update billing
Invite/edit/remove users (except Administrator roles)
Manage user groups (except groups that they are not a member of)
Create/edit/delete flexible asset templates
Edit the organizational sidebar
Enable integrations and features
Access sync settings and data management screens associated with PSA and RMM integrations
View detailed activity logs
Import data (requires access to all organizations)
Administrators
Administrators have all the same administrative rights and permissions as Managers but with the following additions:
Turn on enforced multi-factor authentication (MFA) for all users
Turn on single-sign on (SSO) for all users
Reset MFA for users
Generate API keys for IT Glue API and Warranty Master API
Configure GlueConnect
View and share the Passwords Accessed report
Export IT Glue data
Full visibility to all IT Glue data; an all-access pass to the account (regardless of access settings)
Because the Manager and Administrator roles are highly privileged, enabling multi-factor authentication to increase the level of security is strongly recommended.