Skip to main content
As a tenant administrator, you can assign roles to your colleagues that grant them limited access to the . This allows tenant members to complete their jobs without putting production applications at risk, while also complying with the principle of least privilege.
Every role receives access to Support Center.

Dashboard roles

You can assign the following roles for Auth0 Dashboard access:

Availability varies by Auth0 plan

Your Auth0 plan or custom agreement affects the availability of this feature. To learn more, read Auth0’s Pricing Page.
Limited-access roles restrict a tenant member’s Dashboard experience to only the sections and actions necessary for their job. The feature permissions associated with each role are outlined below. If a specific permission is not listed for a role, tenant members given that role will not have access to that area of the Auth0 Dashboard.
Admin users have read/write access to all areas of the Auth0 Dashboard, including extensions.
  • Update-only access for specific applications. Users cannot create new applications.
  • Access to user events only.
  • Access to user events only.
  • Excludes access to secrets.
  • Access to metrics only.

Log events available to user roles

Logs can contain sensitive data, such as secrets, PII, etc. It is important not to disclose sensitive data to users whose role does not require that information. However, the Editor - Users or Viewer - Users roles need to have some access to logs to identity user issues. For example, finding out if the user signed up correctly, if the user was blocked, etc. We allow the Editor - Users and Viewer - Users with access to a limited set of log types, that are connected to user events. The log events in the list provide the necessary information about user actions but do not disclose sensitive information about other parts of the tenant configuration. To learn more, read Log Event Type Codes.

Limitations

  • Users with Admin role can invite Editor - Specific Apps users to one application at a time. To work around this, the Admin user can edit their role to assign multiple applications after the user accepts the invitation.
  • The Viewer - Users and Editor - Users roles don’t have access to the Users’ Devices and Authorized Apps sections.
  • The New Activity Page is visible to Admins and Elevated Support Access users only. Editor - Users and Viewer - Users can access daily activity (such as logins or signups) through the Auth0 Management API.

Private Cloud requirements

The Editor - Users and the Viewer - Users roles require that User Search v3 and Logs Search v3 are enabled in your environment. If your environments don’t support these versions, these two roles are unavailable.

Learn more