Users and Permissions
The English user guide is currently in beta preview. Most of the documents have been automatically translated from the Japanese version. Should you find any inaccuracies, please reach out to Flatt Security.
Organizations and Users
Shisho Cloud byGMO and Takumi byGMO are built around the organization as the primary unit. A single user account can belong to multiple organizations, and a single organization can have multiple users. Organizations and users form a many-to-many relationship.
As shown above, the same user can participate as a member of multiple companies, business units, or project-scoped organizations at the same time. Roles granted to a user are scoped independently per organization.
Per-organization RBAC
Within each organization, role-based access control (RBAC) is applied to users and to teams that group multiple users together. Whether a given user can use a given capability (Assessment, Guard, Runner, console settings, etc.) is determined by the roles assigned to that user or to the teams they belong to, within that organization.
A single user or team can be assigned multiple roles at the same time. The diagram below shows an example role layout within Organization X.
Because role design is independent per organization, role assignments in another organization are completely separate. The same user can hold, say, an administrator role in Organization X and a read-only role in Organization Y at the same time.
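The per-organization evaluation described above, modeled as an added example (not code from Shisho Cloud or Flatt Security): a user's effective roles are the union of directly assigned roles and roles inherited through teams, resolved separately inside each organization. The role names, the `capability:action` permission strings, and the users and teams are hypothetical, constructed for illustration.

```python
from dataclasses import dataclass, field

# Hypothetical role catalogue: role names and grants are assumptions for this
# example, not the product's real roles.
ROLE_GRANTS = {
    "administrator": {"assessment:read", "assessment:write",
                      "runner:manage", "console_settings:write"},
    "read_only": {"assessment:read"},
    "runner_operator": {"runner:manage"},
}

@dataclass
class Organization:
    name: str
    user_roles: dict = field(default_factory=dict)    # user -> {role}
    team_roles: dict = field(default_factory=dict)    # team -> {role}
    team_members: dict = field(default_factory=dict)  # team -> {user}

    def effective_roles(self, user: str) -> set:
        """Roles held directly plus roles inherited from teams, in this org only."""
        roles = set(self.user_roles.get(user, ()))
        for team, members in self.team_members.items():
            if user in members:
                roles |= self.team_roles.get(team, set())
        return roles

    def is_allowed(self, user: str, permission: str) -> bool:
        # Deny by default: no role, or an unknown role, grants nothing.
        return any(permission in ROLE_GRANTS.get(role, ())
                   for role in self.effective_roles(user))

# Constructed sample data: alice belongs to both organizations, bob only to X.
org_x = Organization(
    "Organization X",
    user_roles={"alice": {"administrator"}},
    team_roles={"security": {"read_only", "runner_operator"}},
    team_members={"security": {"bob"}},
)
org_y = Organization("Organization Y", user_roles={"alice": {"read_only"}})

if __name__ == "__main__":
    for org in (org_x, org_y):
        for user in ("alice", "bob"):
            print(org.name, user, sorted(org.effective_roles(user)))
```

When reviewing access, run the check per organization: an administrator role in one organization says nothing about what the same account can do in another.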
Dig deeper
Pick the topic you want to dive into:
- To manage permissions for multiple users at once, or to grant permissions per department, see Team.
- To see which roles are available and what each one can do, see Roles and Permissions.
- To harden the authentication on an individual account, see Multi-Factor Authentication.
- To enable SSO (SAML) across your organization, see SAML Single Sign-On.