Admins and Roles
The IT admins have to be given more privileges with which they can make the access to Scalefusion Dashboard more secure for users. To achieve this, they can configure certain settings via Admins and Roles section on Dashboard, like:
- Create and manage Administrators
- Create and manage Custom Roles
- Configure Password Policy and Session Management
- Configure SAML sign in for various Identity Providers
This document describes all about Admins and Roles section.
Before You Begin
- Have a Scalefusion dashboard account
- The admin should be in the role of Owner or Co-Account Manager
How to Access
Click on your account profile in the upper right corner. There are two ways to access Admins and Roles:
- View and Edit Profile
Click on View and Edit Profile. This will open your Account profile page. Admins and Roles button is present on the top right of this page.

- Admins and Roles
Clicking on this directly opens the Admins and Roles page.

Sections under Admins and Roles
Following are the main sections on this page:
- Administrators
- Roles & Permissions
- Security
- Sign In Settings
Administrators
You can add new Administrators and manage existing ones. To add a new admin:
- Click on the Add New Admin button in the upper right corner.
- Add Admin window will appear. Enter the details and select the role (to be assigned to this administrator) from the drop-down list.
Account Expire On: You can set a date on which the account will expire and the admin will not be able to login and access the dashboard post that date.System Roles and Custom Roles will be listed in Role drop-down

- Click Submit
- You will receive an activation email on the email id entered above, to activate. Click on the Activate Your Account And Log in button in your email. Your newly created admin will appear in the Account Profile.
Additional features
- View the total number of administrators displayed on top
- Search for administrator(s) by email id or name
- Download the list in csv format
Roles & Permissions
There are two categories of roles:
- System Roles: Scalefusion has some pre-defined roles for users which they can assign while creating administrator(s). They are as follows:
Role Name | Description | Permissions |
Group Admin | Group admin can see the devices only for the device groups he/she is assigned |
|
Device Admin | Device admin can see all the devices present in the account |
|
Co-Account Manager | Co-Account Manager has access to all features similar to owner | All Access |
- Custom Roles: You can also create your own custom role, enable/disable permissions as per requirement and assign this role to administrators. To create a custom role:
- Under the Admin and Roles page, click on the Roles & Permissions tab.
- Click on Create New under Custom Roles.
- A new page will open. Fill the following details:
Role Name: Enter a name for this role
Creating Role: Choose one, whether you want to create role for All Devices or for Device Groups
Permissions: There are three categories to set permissions:- Visibility: Toggle this button to on/off based on whether a particular feature should be visible on the dashboard.
- All Access: This provides both read and write permissions to the admin.
- Read Only: This provides read-only permission to the admin.Any feature can either be assigned with All Access or Read Only
- Once all the permissions are set, click on the Save Role button.
- The custom role created will appear on Roles & Permissions page.
Assign a custom role to admin
If you want to assign a custom role to an admin:
- Visit Administrators page and click on the three dots in front of an existing admin. Select Edit.
- This will open the Edit Admin User window. Here, in the Role drop-down, select a role and Submit
- The custom role with all the permissions defined in it, will be assigned to this admin.
Security
In this section, you can do the following:
Enable 2-step verification
If enabled, it adds extra layer of security when you and admins login to dashboard. After password verification, a verification code is sent as a second step which when entered authenticates and lets the admins log in to dashboard. To activate this,
- Toggle on the setting Enable 2-step verification.
- There are two options. Choose any one:
- Email: A unique verification code will be sent to the e-mail post verification of password.
- Google Authenticator: Users need to install Google Authenticator application and enter the Unique verification code displayed in the app, at the time of login.
- Click Save after selecting one of the above options.
Password Policy and Session Management
Configure password policy for your account as well as for other admin accounts to secure dashboard access.
- To configure, toggle on Password Policy & Session Management setting. This will activate the settings to be configured
Important
The policy is not applicable on users who sign in via SAML, GSuite or O365 account
- Following are the settings to configure Password Policy
Policy | Description |
Minimum Password Length | Select from the drop-down what should be the minimum length of the password. By default it is set to 8. It can be set till 15. |
Minimum Number of Digits | Select the minimum no. of numeric digits that should be there in the password. By default it is None. You can either select 1 or 2 |
Minimum Number of Alphabets | Select the minimum no. of characters that should be there in the password. By default it is None. You can either select 1 or 2 |
Minimum Number of Lower case Alphabets | Select the minimum no. of alphabets in lower case that should be there in the password. By default it is None. You can either select 1 or 2 |
Minimum Number of Upper case Alphabets | Select the minimum no. of alphabets in upper case that should be there in the password. By default it is None. You can either select 1 or 2 |
Minimum Number of Symbols | Select the minimum no. of symbols that should be there in the password. By default it is None. You can either select 1 or 2 |
Password Expiry Period | Select a time period after which the password expires and user is forced to set a new password. Following are the options:
|
Maximum Password History List | Select the number of historical passwords that the user cannot use while setting a new password. Following are the options:
|

- Click Save after configuring policy.
- You will be asked to enter your current login password. Enter password and click Submit.
- The next time you Sign In to the dashboard, you will be asked to configure new password with the rules you have set for configuring new password, provided the existing password does not meet the requirements as per new policy. Following screen will be displayed to change password
- Change Password within Dashboard
When the admin/owner/co-account owners want to change their password from within dashboard from View and Edit profile, the screen displays rules as per new policy

Enable Automatic Session Timeout
Specify duration after which the user will be automatically logged out from the dashboard. To do so,
Enter duration: This takes values between 1-1440 and select one unit of time out of minutes, hours or days

Enable Multiple Login Sessions
With this setting, admin can configure if users can sign in to Dashboard from multiple locations or allow only one session at a given time.

By default, this setting is ON which means users can sign in from multiple locations. If set to OFF, the user is allowed to sign in only from one device or browser at a time, that is, they will be auto-logged out from their previous sessions when they sign into a new browser.
- If user does a fresh login from another device/browser, they will be able to log in to the dashboard while on the existing device/browser, the following message will be displayed:

- If you wish to continue using on existing device, click Continue. This will log the user in again and log out from other devices.
Deactivate the Account if the user does not login for (days)
IT Admins can define a period after which the users' Scalefusion account is marked as de-activated if there is no activity from that account. No activity means, the user has not logged in to the account or there is no activity on the Dashboard at all.
Enter number of days (from 1-365) in front of the setting and click Save. The account gets de-activated after the specified no. of days.

If the user tries to login following message will get displayed:

Once an account is deactivated an email will go to the owner, co-account owner and other admins briefing that the email account is deactivated.
Important Points:
- Except Co-Account owner and owner, this setting can be configured for any other role
- This setting can also be configured for IdP based accounts viz SAML, GSuite, O365, Active Directory users
- A de-activated account can be reactivated also. In the Administrators section, click on three dots in front of the account that is de-activated and click Re-Activate. You will get a confirmation box, click Re-activate and the account will be accessible again.
Account Locking settings on invalid Sign In attempts
The admins can also configure account locking settings if there are invalid sign in attempts to the Dashboard.
- Following are the configurable settings:
Setting | Description |
Number of invalid attempts after which account is locked | Select the number of invalid attempts made to login to Dashboard after which the user's account will get locked. The options are:
|
Duration for which the account should be locked | Select the duration (in minutes) and the account will get locked for that much time:
|
Send Unlock instructions to the user email | The user gets unlock instructions over email as soon as the account gets locked after specified no. of invalid attempts. Following the instructions, they can unlock their account before it gets unlocked after the configured duration. If this setting is disabled then the account is enabled automatically after the configured duration. |
Send Email Alerts on invalid Sign In attempts | If set to ON, the users get email alerts if there are invalid sign in attempts. The alerts can be sent to the following:
|

- Click Save after configuring policy.
- You will be asked to enter your current login password. Enter password and click Submit.
Sign In Settings
Configure SAML based Sign In to Scalefusion Dashboard with which you and Admins in your organization with access to Scalefusion will be forced to Sign In using your Authentication provider. To configure SAML, please visit the Integrations help section.