Understanding member access roles

Member access roles allow for each of your MSP employees to have their own role allowing them access to different things at different levels. If you want to control your clients access roles, please read our client access roles article.

HighGround uses Role Based Access Control (RBAC), making it much easier for you to setup accessing pre-defined permission levels for the majority of access requirements.

There are 2 different types of member access roles:

Default: these are pre-defined member access roles within HighGround and cover the most common access scenarios you are likely to require.

Custom: these are member access roles created by you to meet specific needs.

Member access roles are made up of a collection of access levels. The access levels are generic and will control access differently within different parts of HighGround.

The following table details the standard access level types.

Member access roles in HighGround are broken down into two distinct sections for managing permissions:

MSP Modules: These permissions control access to MSP-specific features, such as Companies, Integrations, Sell, Security Stack, SecOps, and more.

Client Management: This section defines what members can view and manage within a client’s profile.

There are different access levels available for different modules in HighGround, as detailed in the matrix below.

The following tables detail the access levels used for each section of the default member access roles.

For custom access control needs, you can create a custom access role using the default access levels available in HighGround.

There are two methods for creating a custom access role:

Duplicating: Duplicate an existing default member access role or a custom role you’ve already created. This method is great if you want to make slight adjustments without starting from scratch.

Create: Start fresh by creating a brand-new custom member access role. This option gives you full control over the permissions you want to assign.

The following section will walk you through how to perform each of these actions

Watch our instructional video on duplicating roles or, alternatively read the steps listed below.

Step 1: Click on your profile picture in the top right corner and select 'MSP System Settings'.

Step 2: On the left-hand side of your screen, navigate to 'Members and Access'.

Step 3: Click on 'Access Roles' to access the list of available roles.

Step 4: Locate the role you want to duplicate and click on the ellipsis (three dots) next to it.

Step 5: Your duplicated role will appear at the bottom of the list. From here, you can make any necessary changes.

Step 6: Once you've made your changes, click 'Save', and your custom access role will be updated automatically.

Watch our instructional video on creating custom roles or, alternatively read the steps listed below.

Step 1: Click on your profile picture in the top right corner and select 'MSP System Settings'.

Step 2: On the left-hand side of your screen, navigate to 'Members and Access'.

Step 3: Click on 'Access Roles' to view your access role settings.

Step 4: Select the 'Add Access Role' button to create a new role.

Step 5: Give your new access role a name and description, then customize the role as needed.

Step 6: Click 'Save', and your new access role will be added to the bottom of your list of member access roles.

The default member access roles in HighGround cannot be edited directly. If you need to make changes, the best approach is to duplicate the role and modify the duplicate instead.

Custom member access roles, however, can be edited at any time. Just keep in mind that any changes made will take effect immediately for all members associated with that role.

To edit a member access role, follow these steps:

Step 1: Click on your profile picture in the top right corner and select 'MSP System Settings'.

Step 2: In the left-hand menu, go to 'Members and Access'.

Step 3: Choose the member access role you’d like to edit.

Step 4: Make the necessary changes to the role.

Step 5: Press 'Save', and the access role will be automatically updated.

By following these steps, you can easily manage and update your member access roles to ensure they meet your current requirements.

The default member access roles in HighGround can not be deleted.

Before deleting a custom access role, you must first ensure that it is not actively in use by any user.

To delete a member access role, follow these steps.

Step 1: Click on your profile picture in the top right corner and select 'MSP System Settings'.

Step 2: In the left-hand menu, go to 'Members and Access'.

Step 3: Find the access role you want to delete and click on the ellipsis (three dots) next to it.

Step 4: From the three options ('Duplicate', 'Edit', and 'Delete'), select 'Delete'.

Step 5: If the role is actively in use, you’ll see a prompt confirming whether you want

to proceed. If you’re sure you want to delete the role, click 'Delete' again to confirm.

Step 1: Click on your profile picture in the top right corner and select 'MSP System Settings'.

Step 2: From the left-hand menu, choose 'Members and Access'.

Step 3: Locate and select the member you want to assign an access role to.

Step 4: Next to their name, click the 'Select' dropdown menu, and your list of available access roles will appear.

Step 5: Choose the access role you'd like to apply to the member from the list.

It can be useful to preview what permissions a member will have in HighGround. You can do this by using the 'preview' feature from an MSP employees account. Watch our instructional vide on this or, read the steps listed below.

Step 1: From your dashboard, click on your profile picture in the top right corner.

Step 2: Select 'MSP System Settings' from the dropdown menu.

Step 3: Navigate to 'Members and Access' in the left-hand menu.

Step 4: Choose the member you’d like to preview and click on their profile picture.

Step 5: Scroll down to the 'Access Roles' section.

Step 6: Click on 'Preview Access' to view the member's permissions.