Managing Your Team

Rumble supports multiple concurrent users with a variety of roles. To add a team member, access the Your Team page, and use the Add Team Member button to send an invitation. If you use a SAML2-compatible single sign on (SSO) implementation, the SSO Settings page can be used to configure an Identity Provider (IdP) and allow permitted users to login to the Rumble console.

Global Roles

Rumble allows roles to be defined per-user at both the global and organization level. The standard roles are Admin,User, Viewer, and Billing. In addition to these standard roles, a Superuser role also exists for the management of global settings.

The first user created within the Rumble console is considered a superuser. This role allows management of global settings like subscriptions and SSO parameters, and can be used to promote or demote other users as Superusers. For SSO users, a single Superuser should be configured with a strong password and MFA to be used as a backup if SSO settings need to be changed in the future.
Administrators can modify any aspect of an organization and have the unique ability to purge bulk data, create additional organizations, and reset settings of other users.
Users have full access to an organization and can update Sites, modify Assets, schedule Scans, and generally use most functionality. Users are not permitted to reset other user's security credentials, bulk delete data, or remove the organization as a whole.
Viewers have read-only access to everything within an organization. This includes the Export API token, all Inventory data, all reports, and all Task configurations. Viewers are not allowed to interact with tasks, modify settings, or update assets. Viewers may download the command-line Rumble Scanner and install Agents.
Billing users are unable to see any asset data, but can manage the license, billing, and entity settings for the account.
Accounts with No Access set in the global role are limited to those organizations where they have been granted specific access. If no organizations are allowed the user is limited to managing their own account settings. These accounts can only see other users that share their authorized organizations. The No Access global role can be used to create a single-organization user, such as a customer or third-party that needs access to the inventory for a specific organization. For consulting use cases, a single-organization user is a great way to provide clients visibility into their environment at no additional cost.