Role and Responsibility Reference
This page explains the product-facing role differences in a short operational form.
Role matrix
| Role | Typical access | Why the role exists | Practical boundary |
|---|---|---|---|
user | read monitoring data and work inside assigned scope | everyday product usage | no broad administration |
admin | manage users, visibility, notifications, templates, and company operations | company-level control | no platform-global control |
superadmin | platform-wide control, companies, infrastructure, deep operations | central platform governance | should be used deliberately because scope is broader |
UI impact matrix
| Role | Typical UI effect |
|---|---|
user | tenant and monitoring views only |
admin | admin area becomes available |
superadmin | superadmin area and system docs become available |
Focused scope and visibility
Some users can work in a narrower focused or tag-based scope. That changes what they see, even without changing the basic role name.
Typical effects:
- fewer visible tenants
- focused routes instead of broad overview routes
- resource-specific masking in some operational views
Security meaning in product terms
- roles control who can administer people and settings
- visibility rules control which tenant data a person can see
- restricted resources can still hide sensitive data even when a tenant remains visible
Shared product context
For shared state meanings across alerting, archives, masking, and visibility, see Product Reference and Shared Product Values.