Configuration: Managing role delegation in Cayosoft Guardian

Role delegation in Cayosoft Guardian allows you to grant specific permissions to users or groups without assigning full administrative access. This enables role-based access control (RBAC) and supports the principle of least privilege, ensuring users can perform only the tasks relevant to their responsibilities.

Use role delegation to:

• Assign granular access to Cayosoft Guardian features
• Delegate operational tasks to specific teams

Learn more: Role-based access control in Cayosoft Guardian.

Prerequisites

• You must be signed in as a Global Administrator in Cayosoft Guardian.
• The user or group must already exist in Windows / Active Directory or the connected identity source.

Accessing the delegation page

1. Sign in to the Cayosoft Guardian web portal.
2. In the left navigation pane, go to Settings.
3. Select Delegation.

The Delegation page displays all current role assignments, including the assigned identity, source, type, and roles.

Creating a new role assignment

To delegate roles to a user or group:

1. On the Delegation page, click Add.
2. The Add Role Assignment panel opens.

To configure role assignments,

1. Fill in the following fields:
   • Name - Enter the user or group name exactly as it appears in Windows or Active Directory.
   • Source - Select Windows or Active Directory.
   • Type - Choose whether the assignment applies to a User or a Group.
   • Roles - Click the field to open the Select roles panel and choose one or more roles.
   • Description (optional) - Add a description to clarify the purpose of this role assignment.

2. Click Select to confirm the chosen roles.
3. Click Save to create the role assignment.

Managing existing role assignments

From the Delegation page, you can:

• Edit an assignment by selecting it and clicking Properties.
• Delete an assignment that is no longer required.
• Export role assignments for auditing purposes.

Changes take effect immediately after saving.