Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Adding User-Defined Roles for OpCo, and Tenant Users


Use the Add Role page to create custom (user-defined) roles and assign access privileges (read, create, update, delete, and other actions) to OpCo, and tenant user roles.

A user with the Create Role privilege can create custom roles for OpCo, and tenant users.

To create a custom role:

  1. Select Administration > Roles in Administration Portal.

    The Roles page appears.

  2. Click the add icon (+) to create a new role.

    The Add Role page appears.

  3. Complete the configuration according to the guidelines provided in Table 1.
  4. Click OK.

    A new role is created and listed on the Roles page.


    The tenant list in the top banner of the CSO is not displayed if the OpCo user that is logged in to CSO does not have tenant roles assigned.

Table 1: Fields on the Add Role Page



Role Name

Enter a unique role name. The name can contain alphanumeric characters, underscore, period, and space.


Enter a description for the role.

Role scope (Visibility)

Select the scope of the role. You can assign the role to the OpCo, or tenant user. There are three scopes for user roles:

  • Tenant—Select this option to assign the role to tenant users.

    If you select the role scope as Tenant, then the Privileges section displays the objects of the Customer Portal.

  • OpCo—Select this option to assign the role to OpCo users.

    If you select the role scope as OpCo, then the Privileges section displays the objects of the OpCo.

Access Privileges

All Objects—Displays the objects of Administration Portal and Customer Portal based on the scope of the role that you selected. You must select the check box against each object and then select the type of privileges (read, write, update, delete, and other actions) that you want to assign the user for the selected object. You can select one or more access privileges to assign to the user role.

Note: You must assign at least one access privilege to a role.

If you select the first-level objects, the submenu items that belong to the main object and the corresponding access privileges are also selected.

The following access privileges can be assigned to a user role:

  • Read—Enables the user to read existing objects.

  • Create—Enables the user to create new objects.

  • Update—Enables the user to modify existing objects.

  • Delete—Enables the user to delete existing objects.

You can also assign other actions to user roles. The other actions include retry, schedule update, schedule delete, activate, reboot, push license, clone, edit template, deploy, and upgrade history.