Skip to main content

Admin Scopes

An Admin Scope is a collection of administrators and allows granular permission assignment by segregating different user and admin pools. It's best practice to match admin groups with the support organization in your company:

  • If your company has a global or unified Support team, consider creating a helpdesk group with non-invasive support permissions and another admin group with higher privileges.
  • If your company has support teams based on their location or division, consider creating an Admin Group, each with non-invasive support permissions and another admin group with higher privileges..

Required Permissions

Admin Scopes are created and managed by EndpointOps Administrators.

image.png

Admin Scope Creation

Admin Scopes follow a similar principle to the End User Scopes, but they only support User group membership assignments. 

image.png

To create a new Admin Scope:

  1. Click on Create new Admin Scope
  2. Type the name of an AAD Group, Administrative Unit, or Global Azure Role. The membership of one of the groups is sufficient to become associated with an Admin Scope.
  3. Select an entry from the list
  4. Selected objects will appear on the right side. Undo the selection with the Remove Button
  5. Use the Next button to proceed with the second step.

image.png
  1. The name of the Admin Scope is visible to Helpdesk operators in the My Access
  2. Enabled Admin Scopes will be used in Endpoint Ops, whereas Disabled Admin Scopes are omitted.
  3. Proceed with the Next button to Save your Admin Scope.

Edit or delete Admin Scopes

Admin Scopes can be updated or deleted at any point. Simply use the Edit or Delete button on the respective Admin Scope.

image.png

Back to top