# Users, Roles & Permissions AutoRABIT (ARM) organizes access with **users**, **roles**, and **permissions**. Understanding these layers helps you grant just-right privileges while keeping administrative tasks manageable. *** ## Users in ARM ### Super Administrator The **Super Administrator** (Super Admin) has the highest privileges in ARM. * Create other admins * Install and configure agents * Add users to admin groups > **Super Admin safeguards**\ > \&#xNAN;*Super Admin* and **the currently logged-in user** are locked for **all** user-management actions: they cannot be added, deleted, suspended, edited, or delegated. ### Org Administrators **Org Administrators** (Admins) access the **Admin Dashboard** to manage users, roles, and modules. An admin can hold multiple roles; ARM always applies the most permissive combination. Admin-level capabilities include: * Add, edit, or delete users * Export user lists to CSV * Enforce SSO * Manage roles and permissions ### General Users General users work in ARM modules according to permissions their Admin assigns. They **do not** see the Admin Dashboard. *** ## Create a New User Account 1. Log in to ARM. 2. Go to **Admin › Users** and click **Add User**.
Add User button in the Users list
3. Fill **User Details** and assign **Role Permissions**. 4. Choose **Save & Activate** (immediate) or **Save Now & Activate Later**.
User details form with role selection
5. The new user receives an email to set a password. 6. The user appears in **Admin › Users**. *** ## Edit a User Account 1. In **Admin › Users**, locate the user and click **Edit**.
Edit icon for user row
2. Update fields (Username and Email are immutable). 3. Click **Save**. *** ## Delete or Suspend a User * **Delete User** – permanently remove the account.
Trash-can icon to delete a user
* **Activate / De-activate** – toggle suspension.
Activate/De-activate toggle button
Confirm the action to proceed. *** ## Enforce Single Sign-On (SSO) 1. Open **My Account** › **SSO Configuration**. 2. Check **Disable login with AutoRABIT credentials** and click **Save**. Admins can still log in with username/password.\ To override SSO for select users, uncheck **Enforce SSO** next to their names.
Override Enforce SSO checkboxes for selected users
> When you disable standard login, **Enforce SSO** auto-checks for all users. *** ## Export Users Admins can download all user data as CSV. 1. In **Admin › Users**, click **Export All Users**.
Export All Users button
2. Select fields and click **Export**.
Field-selection dialog for CSV export
3. A CSV downloads to your computer. > **Location privacy** – If a user blocks location sharing, ARM uses IP-based location. *** ## Creating and Editing Roles 1. Go to **Admin › Roles**.
Roles option in Admin menu
2. Click **Create Role**.
Create Role button
3. Provide a **Role Name**, **Description**, and tick permissions.
Role permissions checklist
4. Click **Save**. > *The default **Admin** role has full permissions and cannot be edited or renamed.* *** ## User Permissions 1. Open **Admin › Permissions**.
Permissions tab in Admin menu
2. Select two or more users and click **Bulk Assignment**.
Bulk Assignment button
Admins are hidden on this screen because they already hold full access.
Assign roles and modules to selected users
Save confirmation after assigning permissions
*** ## FAQ ### I’m an admin but can’t see certain branches or commits. Your ARM account may belong to a different organization than those resources. ### Why can’t I see the User Management section anymore? Your roles/permissions were changed. Contact another Org Administrator. ### Deleted users still appear in lists. * Their **credentials** may still exist in **Admin › Credential Manager**. * Repositories may reference those credentials—update or re-register. ### Why do some users lack access to certain ARM features? Check their roles in **Admin › Roles**; only Admins have unrestricted access. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://knowledgebase.autorabit.com/product-guides/arm/arm-administration/user-management/users-roles-and-permissions.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.