I am a Zivver admin
Configure and manage Zivver
Set admin roles
Role-Based Access Control
With Role-Based Access Control (RBAC), you can assign specific admin roles (Full admin, Policy admin, Support, and Auditor) within your Zivver organization settings, streamlining user management and enhancing security. RBAC helps to improve the efficiency of your administrative processes while safeguarding impactful functionalities & information. On this page you can read all about using RBAC in Zivver for your organization.
Role-Based Access Control is part of our Advanced Administration Bundle, containing capabilities that larger organizations require while SMBs do not. Please contact your contact person at Zivver or our support team if you are interested in this feature.
Change roles
Follow these steps to set admin roles:
- Log in to the Zivver WebApp as Full Admin.
Any existing admin before RBAC was enabled will have the Full Admin role. - Click
Organization Settings.
- Expand
User administration.
- Click Accounts.
- Click next to the account for which you want to change the role.
- Scroll down to the Account type pane.
- Select Administrator.
- Choose a role from the Administrator role dropdown menu.
- Click .
- Review and confirm your changes.
If this account was not an administrator yet and Single Sign-On is enabled, you need to enter a temporary password for the account
Roles
With RBAC, access to the Zivver organization settings can be granted based on four common administrative roles:
- Full admin: Full edit access to all settings and the ability to manage the roles of other admins
- Policy admin: Edit access to all settings, except for the most impactful settings that only need to be configured once, plus access to audit and communication logs
- Support: Edit access to user accounts, but no access to impactful account settings or sensitive data
- Auditor: Read-only access to all settings, no ability to make changes
To perform tasks for effective Zivver administration, both Full admin and Policy admin must be able to perform actions that can grant access to other users’ message data (such as password resets or delegated access). Keep this in mind when assigning these roles.
Permission overview
In this overview, π indicates View (Read-only) permission and βοΈ indicates Edit (Write) permission for a scope. If no icon is displayed, the role has no permission.
Scope | Full admin | Policy admin | Support | Auditor |
---|---|---|---|---|
General | ||||
Get started page | π | π | π | π |
Organization account information (logo, branding, name, business holder) | βοΈ | π | π | π |
Data export host and username (excl. password) | π | π | π | |
List domains and (DNS) settings | βοΈ | π | π | |
Inbound Direct Delivery settings | βοΈ | π | π | |
NTA-7516 sending settings | βοΈ | π | π | π |
Organizational units | βοΈ | βοΈ | βοΈ | π |
Organization subscription | βοΈ | π | π | π |
Contact support page | π | π | π | π |
User administration | ||||
Account details (name, picture, language, timezone, displayed sender) | βοΈ | βοΈ | βοΈ | π |
Email aliases | βοΈ | βοΈ | π | π |
Delegations | βοΈ | βοΈ | π | π |
Password reset | βοΈ | βοΈ | ||
Communication log | π | π | ||
Accounts that need restoring after password reset | βοΈ | βοΈ | βοΈ | π |
Authentication factors | βοΈ | βοΈ | βοΈ | π |
Logout active sessions | βοΈ | βοΈ | βοΈ | π |
Administrator role | βοΈ | π | π | π |
Account type (user or functional) | βοΈ | βοΈ | π | π |
Account status (active or suspended) | βοΈ | βοΈ | βοΈ | π |
Single Sign On settings | βοΈ | π | π | |
Trusted networks | βοΈ | βοΈ | π | |
Automatic account deletion | βοΈ | π | π | |
Insights | ||||
Insights without personal data | π | π | π | |
Insights with personal data | π | π | ||
Audit log | π | π | ||
Policies | ||||
Recipient verification | βοΈ | βοΈ | βοΈ | π |
Verification methods allowed | βοΈ | βοΈ | π | |
Trusted devices allowed | βοΈ | βοΈ | π | |
Outbound direct delivery | βοΈ | βοΈ | π | |
Business rules | βοΈ | βοΈ | π | |
Trusted domains | βοΈ | βοΈ | π | |
Organization revocation policy | βοΈ | βοΈ | π | |
Plugin settings | βοΈ | βοΈ | π | |
Recipient Experience | ||||
Notification message | βοΈ | βοΈ | π | |
Introduce Zivver settings | βοΈ | βοΈ | π | |
Conversation starters | βοΈ | βοΈ | π | |
Organization displayed sender | βοΈ | βοΈ | π | π |
Custom support channels | βοΈ | βοΈ | π | |
Integrations | ||||
SMTP credentials | βοΈ | π | π | |
DLP Gateway | βοΈ | βοΈ | π | |
API keys | βοΈ | π | π | |
Google Workspace Key | βοΈ | π | π | |
Grant users access to Chrome Extension Service Account Key | βοΈ | π | π | |
Downloads page | π | π | π | π |