Contents

Who can do what?

In Clarios, two simple things decide what you can see and do:

  1. Your permission level: what you personally may do (this page).
  2. The approval: what Clarios may do in your environment at all. An administrator gives this once: Approval & Settings.

For most tasks you need both.

The permission levels

LevelWho gets itWhat you can do
Readerdefault for everyoneView everything: dashboards, reports, the security check.
WriterIT and security peopleLike Reader, plus change: fix a security issue, set exceptions, save filters.
AdminadministratorsLike Writer, plus manage: the Admin Panel, device keys (BitLocker/LAPS), settings.
PartnerOperatorIT service providers (MSP) onlyMay switch into the environments of customers they look after. More: MSP & partners.

ℹ️ No level assigned? Then you’re automatically a Reader and can view everything. You only need a higher level to change or manage.

Where the level is assigned

An administrator assigns levels in Microsoft 365 (Microsoft Entra). Go to Enterprise applications, then Clarios Signin, then Users and groups.

💡 Tip: A changed level only takes effect once the person signs out and back in.

🖼️ Screenshot: Microsoft Entra, the Clarios Signin application, Users and groups tab, with the level choices (Reader / Writer / Admin) shown while assigning.

Target file: assets/getting-started/entra-role-assignment.png

Who may do which task? (quick overview)

TaskMinimum level
View dashboards, create a PDFReader
Find stale devicesWriter
Set an exceptionWriter
Fix a security issueWriter
View device keys (BitLocker/LAPS)Admin
Admin Panel: manage customers & areasAdmin
Switch into a customerPartnerOperator

What’s next?