Use custom admin roles
An admin role assignment consists of the following components:
-
Admin: The user or the user group that you need to grant admin permissions to.
-
Role: A set of permissions that you constrain an admin to. There are two types of roles, standard and custom. You can create a maximum of 100 roles for an org. Currently, permissions are limited to managing user, group, and app activity, as well as running profile source imports.
-
Resource set: A collection of resources. You can create a maximum of 10,000 resource sets and assign a maximum of 1,000 resources for each resource set.
-
Resource sets are only available for custom admin roles.
-
You can only have 1,000 admins who have the same role and resource set combination constrained to them.
You can create a custom admin role assignment by beginning with any of these components:
While creating a custom admin role assignment, you can also:
- Create an admin, role, and/or resource set.
- Edit an existing assignment.
- Delete an existing assignment.