Groups & Permissions
vScope is built for teamwork, so understanding users, groups, and access levels is essential. You can manage Users & Access under Settings, where permissions are assigned through group memberships. By organizing permissions and group memberships effectively, vScope makes it easy for teams to access the right data and collaborate efficiently.
vScope provides three group types: Permission Groups, Extended Permission Groups, and Collaboration Groups.
Permission Groups
Section titled “Permission Groups”vScope includes four primary permission groups that control user access and functionality: Admin, Contributor, User, and Viewer.
Permission Overview
Section titled “Permission Overview”| Feature | Viewer | User | Contributor | Admin |
|---|---|---|---|---|
| Login to vScope | ✔️ | ✔️ | ✔️ | ✔️ |
| Library | ✔️ | ✔️ | ✔️ | ✔️ |
| Dashboards | ❌ | ✔️ | ✔️ | ✔️ |
| Tables | View Only | ✔️ | ✔️ | ✔️ |
| Tracker | ❌ | ✔️ | ✔️ | ✔️ |
| Search | ❌ | ✔️ | ✔️ | ✔️ |
| Create Tracker cases | ❌ | ❌ | ✔️ | ✔️ |
| Access Tags | ❌ | ❌ | ✔️ | ✔️ |
| Discovery | ❌ | ❌ | ❌ | ✔️ |
| Settings | ❌ | ❌ | ❌ | ✔️ |
| Manage Users & Access | ❌ | ❌ | ❌ | ✔️ |
| API Access | ❌ | ✔️ | ✔️ | ✔️ |
| Governance | ||||
| View Entities | Restricted ℹ️ | ✔️ | ✔️ | ✔️ |
| Edit Entities | ❌ | Restricted ℹ️ | ✔️ | ✔️ |
| Access Governance Settings | ❌ | ❌ | ❌ | ✔️ |
| Billing | ||||
| Billing Overview | ❌ | ❌ | ✔️ | ✔️ |
| Manage Price Lists | ❌ | ❌ | ✔️ | ✔️ |
ℹ️ See Extended Permission Groups
Detailed Role Descriptions
Section titled “Detailed Role Descriptions”Admin (Highest Permission Level)
Section titled “Admin (Highest Permission Level)”Admins have full control over vScope, including:
- Access to Discovery Manager for inventory configuration.
- Full administrative control in Settings for managing integrations and permissions.
- Rights to add, remove, and modify user accounts through local or Active Directory integration.
Contributor
Section titled “Contributor”Contributors can:
- Add tags and annotations to resources.
- Manage Tracker cases and contribute insights.
- Access all data without control over Settings or Discovery.
Users have access to:
- All data, including Tracker cases and table-building capabilities.
- Limited permissions that exclude control over Settings or Discovery.
Viewer (Lowest Permission Level)
Section titled “Viewer (Lowest Permission Level)”Viewers have restricted access and can:
- Only view data shared with them, such as specific tables and dashboards.
- Access limited data, with no permissions to build or modify content.
Extended Permission Groups
Section titled “Extended Permission Groups”These groups are used to extend permissions for Users and Viewers in Governance. Since Users can build tables about Governance Entities, they automatically have view access to all Entities, but not the permission to create or edit them. You can, however, directly assign a User edit permissions for specific Governance Entity.
IT Service Viewer
Section titled “IT Service Viewer”Extends Viewer permissions to view all Governance Entities.
IT Service Editor
Section titled “IT Service Editor”Extends User permissions to create Governance Entities, and Viewer permissions to create and edit Governance Entities within vScope. However, without the IT Service Viewer permission, Viewers will not be able to view all Governance Entities.
In a permission table, it looks like this:
For Viewers
Section titled “For Viewers”| Feature | Viewer | + IT Service Viewer | + IT Service Editor |
|---|---|---|---|
| Assigned view access to specific IT Service | ✔️ | ✔️ | ✔️ |
| View all Governance Entities | ❌ | ✔️ | ❌ |
| Assigned write access to specific IT Service | ❌ | ❌ | ✔️ |
| Create Governance Entities | ❌ | ❌ | ✔️ |
For Users
Section titled “For Users”| Feature | User | + IT Service Viewer | + IT Service Editor |
|---|---|---|---|
| Assigned view access to specific IT Service | ✔️ | ✔️ | ✔️ |
| View all Governance Entities | ✔️ | ✔️ | ✔️ |
| Assigned write access to specific IT Service | ✔️ | ✔️ | ✔️ |
| Create Governance Entities | ❌ | ❌ | ✔️ |
Collaboration Groups
Section titled “Collaboration Groups”Collaboration groups enable shared access to content among group members, allowing quick sharing of dashboards, tables, and other resources. Permissions within collaboration groups align with the settings on individual content items, with no additional permissions assigned specifically to the group.
Frequently Asked Questions
Section titled “Frequently Asked Questions”What are the requirements for inviting users by email?
Section titled “What are the requirements for inviting users by email?”Any user with access to Collaboration can invite new users to vScope by entering their email address. When an invite is sent:
- The invited person receives an email with a link.
- vScope administrators are notified of the new invitation.
- If the invited person already has:
- network access to the vScope server and
- permission to sign in via your identity provider
then their vScope account will be created automatically once they follow the link.
Managing pending invitations
Section titled “Managing pending invitations”Administrators can review all invitations under:
Settings → Users → Pending Invites
From here, administrators can:
-
Revoke an invitation
The user will no longer be able to access shared content. -
Create the account directly in vScope
by selecting “Use vScope as authentication method.”
This sends a registration link to the user so they can complete their setup.