Rumble supports multiple concurrent users with a variety of roles. To add a team member, access the Your Team page, and use the Add Team Member button to send an invitation. If you use a SAML2-compatible single sign-on (SSO) implementation, the SSO Settings page can be used to configure an Identity Provider (IdP) and allow permitted users to log in to the Rumble console.
Rumble allows roles to be defined per-user at both the global and organization level. The standard roles are
In addition to these standard roles, a Superuser role also exists for the management of global settings.
The first user created within the Rumble console is considered a superuser. This role allows management of
global settings like subscriptions and SSO parameters, and can be used to promote or demote other users as
Superusers. For SSO users, a single Superuser should be configured with a strong password and MFA to be used
as a backup if SSO settings need to be changed in the future.
Administrators can modify any aspect of an organization and have the unique ability to purge bulk data,
create additional organizations, and reset settings of other users.
Users have full access to an organization and can update Sites, modify Assets, schedule Scans, and generally
use most functionality. Users are not permitted to reset other users' security credentials, bulk delete
data, or remove the organization as a whole.
Viewers have read-only access to everything within an organization. This includes the Export API token, all
Inventory data, all reports, and all Task configurations. Viewers are not allowed to interact with tasks,
modify settings, or update assets. Viewers may download the command-line Rumble Scanner and install Agents.
Billing users are unable to see any asset data, but can manage the license, billing, and entity settings for the account.
Accounts with No Access set in the global role are limited to those organizations where they have been granted specific access.
If no organizations are allowed, the user is limited to managing their own account settings.
These accounts can only see other users that share their authorized organizations. The No Access
global role can be used to create a single-organization user, such as a customer or third party that needs
access to the inventory for a specific organization. For consulting use cases, a single-organization user is a
great way to provide clients visibility into their environment at no additional cost.
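
The role rules above can be turned into a periodic access review. The following is an added example, not Rumble code or a Rumble API: the `Account` record layout, the role strings, and the finding names are assumptions, and the sample accounts are constructed. It checks the SSO backup Superuser guidance, lists who can read the Export API token through a Viewer role, and identifies No Access accounts with no organization and single-organization users.

```python
from dataclasses import dataclass, field

@dataclass
class Account:
    # Hypothetical record layout (assumption), not Rumble's export schema.
    email: str
    global_role: str        # "administrator", "user", "viewer", "billing", "no_access"
    org_roles: dict = field(default_factory=dict)   # organization -> explicitly granted role
    superuser: bool = False
    local_password: bool = False    # can log in without the IdP
    mfa: bool = False

def audit(accounts, sso_enabled):
    """Return (finding, subject) tuples derived from the role rules described above."""
    findings = []
    if sso_enabled:
        # A single Superuser with a password and MFA is the recommended SSO backup.
        backups = [a for a in accounts if a.superuser and a.local_password]
        if len(backups) != 1:
            findings.append(("backup-superuser-count", str(len(backups))))
        for a in backups:
            if not a.mfa:
                findings.append(("backup-superuser-no-mfa", a.email))
    for a in accounts:
        if a.global_role == "no_access" and not a.org_roles:
            # No organizations allowed: the account can only manage its own settings.
            findings.append(("no-access-without-org", a.email))
        # Viewers are read-only, but that read access includes the Export API token.
        if a.global_role == "viewer":
            findings.append(("export-token-readable", a.email + ":global"))
        for org, role in sorted(a.org_roles.items()):
            if role == "viewer":
                findings.append(("export-token-readable", a.email + ":" + org))
    return findings

def single_org_users(accounts):
    """No Access accounts scoped to exactly one organization (customer or third party)."""
    return {a.email: next(iter(a.org_roles)) for a in accounts
            if a.global_role == "no_access" and len(a.org_roles) == 1}

# Constructed sample accounts.
SAMPLE = [
    Account("root@example.com", "administrator", superuser=True, local_password=True),
    Account("ops@example.com", "user"),
    Account("client@example.net", "no_access", {"Client A": "viewer"}),
    Account("stale@example.net", "no_access"),
]

if __name__ == "__main__":
    for finding, subject in audit(SAMPLE, sso_enabled=True):
        print(finding, subject)
    print(single_org_users(SAMPLE))
```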