Managing your team

Rumble supports multiple concurrent users with a variety of roles. To add a team member, access the Your Team page, and use the Add Team Member button to send an invitation. If you use a SAML2-compatible single sign on (SSO) implementation, the SSO Settings page can be used to configure an Identity Provider (IdP) and allow permitted users to login to the Rumble console.

Global roles

Rumble allows roles to be defined per-user at both the global and organization level. The standard roles are admin, user, viewer, and billing. There is also a superuser role available to manage global settings.


The first user created within the Rumble console is considered a superuser. This role allows management of global settings like subscriptions and SSO parameters and can be used to promote or demote other users as superusers. For SSO users, you should configure a single superuser with a strong password and MFA that can used as a backup if SSO settings need to be changed in the future.


Administrators can modify any aspect of an organization and have the unique ability to permanently delete bulk data, create additional organizations, and reset settings for other users.


Users have full access to an organization and can update sites, modify assets, schedule scans, and generally use most functionality. Users are not permitted to reset other user’s security credentials, bulk delete data, or delete an organization.


Viewers have read-only access to an organization. This includes all inventory data, all reports, and all task configurations. Viewers are not allowed to interact with tasks, modify settings, or update assets. Viewers may not download the command-line Rumble Scanner and install Rumble Explorers, and they do not have access to view API tokens or export tokens.


Billing users are unable to see any asset data, but can manage the licensing, billing, and entity settings for the account.

No Access

Accounts with no access, which is set in the global role, are limited to those organizations where they have been granted access. If no organizations are allowed, the user is limited to managing their own account settings.

These accounts can only see other users that share their authorized organizations. The no access global role can be used to create a single-organization user, such as a customer or third-party that needs access to the inventory for a specific organization. For consulting use cases, a single-organization user is a way to provide clients with visibility into their environment at no additional cost.