User permissions are determined by their role and the account to which they belong.
There are 4 permission levels: Main account Admin / User, Sub account Admin / User. Below is a list of user permissions by account type and user rule.
Anyone with a User role in the main account has read-only access to the logs in all sub accounts and timeless accounts.
Anyone with an Admin role in the main account has Admin permissions to all sub accounts and timeless accounts. You can limit access by adding users only to sub accounts and timeless accounts rather than the main account.
The acronym CRUD stands for Create, Read, Update, Delete.
|Manage the main account||CRUD|
|Manage sub accounts||CRUD|
|Read sub accounts|
|Manage timeless accounts||CRUD|
|Read timeless accounts|
|Log shipping tokens||CRUD|
|Add filters to Shared tokens|
|Grant Support access|
You can add users directly to a sub account and assign them either an Admin or User role.
Users belonging to a sub account do not have access to any other accounts, unless explicitely added to them.