Role-based access control in Lansweeper lets you define what users can do in your site and what data they can access.
Using roles, you can tailor access for administrators, analysts, or operational teams to match your security and governance needs.
For more information about access management, see Access management in Lansweeper Sites.
What are roles?
A role defines what someone can do and see in Lansweeper.
Roles combine:
Permissions: The specific actions a member can perform, such as manage assets or view dashboards.
Scopes: The assets where those actions apply.
By assigning a role to an account member or group, you control their effective permissions across your site.
Default roles
Lansweeper Sites includes five predefined roles that cover common access levels.
You can edit any role except the Administrator role to better fit your organization’s needs.
Role | Description |
|---|---|
Administrator | Grants all permissions except those reserved for Site Owners (for example, deleting the Site or managing Site-level settings). |
Analyse data | Allows viewing all data in Lansweeper Sites and creating dashboards and reports, but not modifying asset configurations. |
Application admin | Provides access to APIs and application management areas. |
Manage assets | Lets users manage and configure assets but not change Site-wide settings. |
View data | Provides read-only access to view asset data and reports. |
Create a new role
Use custom roles to meet access requirements that the default roles don’t cover, such as restricting edit permissions to specific teams.
You must have Administrator or Site Owner privileges.
To create a new role:
In your Lansweeper Site, go to Site settings > Account management > Roles and permissions.
Select Create role.
Enter a Name.
Select Permissions. Work through the list and select which permissions to grant.
Optionally, select Scope to add an asset scope.
Select Create.
Once saved, the new role appears in your Roles and permissions list and can be assigned to member accounts or account groups.
How permissions and scopes combine
When a user or account group has multiple roles, Lansweeper combines all permissions and scopes from those roles.
Permissions are additive: an account gains access to all features granted by any of its assigned roles.
Scopes are additive: an account can see all assets included in any of the scopes assigned through their roles.
This means there’s no priority order or override as access expands with each additional role.
Example
Role | Permissions | Scope |
|---|---|---|
Role 1 | View assets | Windows assets only |
Role 2 | View and edit assets | Linux assets only |
Result:
The user can view and edit assets available to them and will have access to both Windows and Linux assets.
Next steps
Now that your roles are created, you can: