Syskit Point
Schedule a DemoStart a Free TrialContact UsProduct Site
  • Syskit Point
  • Releases
    • Syskit Point Cloud
      • May 27, 2025
      • May 13, 2025
      • May 06, 2025
      • April 29, 2025
      • April 22, 2025
      • April 08, 2025
      • April 01, 2025
      • March 25, 2025
      • March 18, 2025
      • March 11, 2025
      • March 04, 2025
      • February 25, 2025
      • February 18, 2025
      • February 11, 2025
      • February 06, 2025
      • January 28, 2025
      • January 22, 2025
      • January 14, 2025
      • January 02, 2025
      • December 17, 2024
      • December 10, 2024
      • December 03, 2024
      • November 26, 2024
      • November 19, 2024
      • November 05, 2024
      • October 29, 2024
      • October 22, 2024
      • October 15, 2024
      • October 08, 2024
      • October 01, 2024
      • September 24, 2024
      • September 18, 2024
      • September 02, 2024
      • August 26, 2024
      • August 20, 2024
      • August 12, 2024
      • August 06, 2024
      • July 29, 2024
      • July 23, 2024
      • July 02, 2024
      • June 18, 2024
      • June 04, 2024
      • May 21, 2024
      • May 09, 2024
      • April 23, 2024
      • April 9, 2024
      • March 26, 2024
      • March 12, 2024
      • February 22, 2024
      • February 06, 2024
      • January 19, 2024
      • January 18, 2024
      • December 19, 2023
      • November 30, 2023
      • November 15, 2023
      • November 2, 2023
      • November 2, 2023 - Announcement
      • October 17, 2023
      • October 3, 2023
      • September 21, 2023
      • September 14, 2023
      • September 7, 2023
      • August 23, 2023
      • August 9, 2023
      • July 26, 2023
      • July 12, 2023
      • May 16, 2023
    • Syskit Point Data Center
      • Syskit Point 2025.2
        • Syskit Point 2025.2.91
        • Syskit Point 2025.2.90
        • Syskit Point 2025.2.86
        • Syskit Point 2025.2.82
        • Syskit Point 2025.2.78
      • Syskit Point 2024.6
        • Syskit Point 2024.6.73
        • Syskit Point 2024.6.71
        • Syskit Point 2024.6.70
      • Syskit Point 2024.5
        • Syskit Point 2024.5.67
        • Syskit Point 2024.5.65
      • Syskit Point 2024.4
        • Syskit Point 2024.4.60
        • Syskit Point 2024.4.54
        • Syskit Point 2024.4.52
      • Syskit Point 2024.3
        • Syskit Point 2024.3.48
      • Syskit Point 2024.2
        • Syskit Point 2024.2.45
      • Syskit Point 2024.1
        • Syskit Point 2024.1.43
        • Syskit Point 2024.1.41
      • Syskit Point 2023.5
        • Syskit Point 2023.5.39
      • Syskit Point 2023.4
        • Syskit Point 2023.4.1
        • Syskit Point 2023.4.0
      • Syskit Point 2023.3
      • Syskit Point 2023.2
      • Syskit Point 2023.1
        • Syskit Point 2023.1.3
        • Syskit Point 2023.1.2
        • Syskit Point 2023.1.1
        • Syskit Point 2023.1.0
      • Syskit Point 2022.5
        • Syskit Point 2022.5.1
        • Syskit Point 2022.5.0
      • Syskit Point 2022.4
        • Syskit Point 2022.4.1
        • Syskit Point 2022.4.0
      • Syskit Point 2022.3
        • Syskit Point 2022.3.1
        • Syskit Point 2022.3.0
      • Syskit Point 2022.2
        • Syskit Point 2022.2.3
        • Syskit Point 2022.2.2
        • Syskit Point 2022.2.1
        • Syskit Point 2022.2.0
      • Syskit Point 2021.12
      • Syskit Point 2021.11
      • Syskit Point 2021.10
      • Syskit Point 20
      • Syskit Point 19
        • Syskit Point 19.0.2
        • Syskit Point 19.0.1
        • Syskit Point 19.0.0
  • Requirements
    • Permission Requirements
    • Change Log
  • Set Up Point Cloud
    • Overview
    • Free Trial
    • Free Trial Limits
    • Manage Syskit Point Subscriptions
  • Set Up Point Data Center
    • Deployment
      • Overview
      • System Requirements
      • Deploy Syskit Point
      • Connect to Microsoft 365 Tenant
      • Set Up Custom Domain and SSL Certificate
      • Upgrade Syskit Point
      • Azure Networking
    • Activation
      • Activate Syskit Point
      • Free Trial Data Center
  • Licensing & Activation
    • Licensed Users Count
    • Activation Privacy Statement
  • Get to Know Syskit Point
    • The Syskit Point Starter Kit
    • Navigate Through Syskit Point
    • Collect Microsoft 365 Data
  • Microsoft 365 Inventory
    • Microsoft 365 Inventory Overview
    • Explore Your Microsoft 365 Dashboard
    • Sites
    • Microsoft Teams & Groups
    • Users
    • Copilot Readiness
    • Power Platform Reports
  • Configuration
    • Syskit Point Configuration Guide
    • Assign and Manage Access to Syskit Point
    • Enable Microsoft Teams Activity Tracking
    • Configure Storage Management in Syskit Point
    • Set Up E-Mail
    • Connect Service Account
    • Customize Audit Logs Collection
    • Upgrade SQL to Managed Identity Authentication
    • Enable Power Platform Data Collection
    • Enable Power BI Data Collection
    • Ignore Service Account Activity Tracking
    • Customize License Reports
    • Customize E-Mails
    • Report Data Limits
    • Turn On Auditing
    • Exclude Users from Receiving Governance Tasks
    • Customize Dashboard
    • Customize Syskit Point Appearance
    • Configure Your Environment for Storage Management
    • Save Custom Views
    • Audit for Syskit Point Settings
    • Manage Connection
  • Reporting
    • Overview
    • External Sharing Reports
    • Access Reports
    • Audit Reports
    • Cleanup & Health Reports
    • Licenses Reports
    • Analytics Reports
    • Sensitivity Labels Reports
    • Power Platform Reports
    • Power BI Reports
  • Storage Management
    • Storage Management Overview
    • Free Up Storage
    • Storage Reports
    • Limit Storage Usage
    • Storage Versioning Limits
  • Governance & Automation
    • Syskit Point Tasks
    • Access Review
      • Enable Automated Access Review
      • Create and Apply Access Review Policies
      • Modify Access Review Options
      • Monitor Access Review in Syskit Point
      • Manually Request Access Review in Syskit Point
    • Lifecycle Management
      • Lifecycle Management - Deprecated
      • Identify Inactive Workspaces
      • Enable Lifecycle Management Automation
      • Monitor Lifecycle Management Tasks in Syskit Point
      • Run Lifecycle Management Actions in Syskit Point
    • Policies
      • Set Up Policies
      • Rules
      • Blocked Users with Assigned Licenses
      • Inactive Guest Users
      • Inactive Workspaces
      • Minimum Number of Owners
      • Maximum Number of Owners
      • Orphaned Workspaces
      • Orphaned Users
      • Tenant Storage Limit
      • Workspaces with Too Many Members
      • Workspaces with Shadow Users
      • Private Workspaces Shared with Everyone
      • Workspaces Without a Sensitivity Label
      • Apply Policies
      • Upgrade to Rules
    • Security and Compliance Checks
      • Security and Compliance Checks
      • Inactive Workspaces
      • Orphaned Workspaces
      • Inactive Guest Users
      • Blocked Users with Assigned Licenses
      • Workspaces with Not Enough Owners
      • Orphaned Users
      • Workspaces with Too Many Owners
      • Tenant Storage Limit
      • Workspaces with Too Many Members
      • Workspaces with Shadow Users
      • Private Workspaces Shared with Everyone
      • Workspaces Without a Sensitivity Label
    • Provisioning
      • Set Up Provisioning
      • Enable or Disable Provisioning
      • Register Yammer App
      • Enable Sensitivity Labels
      • Restrict Microsoft 365 Groups Creation
      • Templates
      • Content & Structure
      • Configure Provisioning Failure Notifications
      • Approval Processes
      • Approve/Reject Requests
      • Manage Requests
      • Hide Workspace Name
    • Access Requests
      • Set Up Access Requests
      • Create Access Requests
      • Apply Access Requests
      • Approval Process
    • Metadata
      • Manage Custom Metadata
      • Request Metadata Review
      • Monitor Metadata Review
    • Sensitivity Review
      • Request Sensitivity Review
      • Monitor Sensitivity Review
    • Privacy Review
      • Request Privacy Review
      • Monitor Privacy Review
    • Syskit Point Teams App
    • Schedule Reports
    • Configure Alerts
    • Manage Sensitivity Labels
  • Access Management
    • Track Microsoft 365 External Users and Their Activities
    • Check Access for Specific Microsoft 365 User
    • Copy User Permissions
    • Delete and Restore Users
    • View Permission Changes in Microsoft 365
    • Supervise Microsoft Teams Private Channels
    • Manage Private Channels Access
    • Complete Power Platform Actions
  • Integrations
    • Overview
    • Syskit Point API
    • Webhooks
    • Examples
      • Webhooks
      • ServiceNow
      • Jira
  • FAQ
    • Security
    • Security Self Assessment Questionnaire
    • Storage Management
    • Free Trial
    • Licensing
    • Activation
    • Purchasing and Discounts
    • Customer Terms
    • Privacy and Compliance
    • Partner Program
    • Site Storage Limits
    • Orphaned Users
    • Inactive Users Detection
    • Provisioning - Content & Structure
  • Troubleshooting
    • Export Diagnostic Logs
    • Setup Diagnostic Logs Export
    • Analytics and Usage Report Issues
  • Explore Syskit Point for Site Owners/Collaborators
    • Syskit Point for Collaborators
    • Resolve Governance Tasks
      • My Tasks
      • Complete Access Review Tasks
      • Complete Metadata Review Tasks
      • Complete Privacy Review Tasks
      • Complete Sensitivity Review Tasks
      • Resolve Inactive Workspaces Tasks
      • Resolve Lifecycle Management Tasks
      • Resolve Inactive Guest Users Tasks
      • Resolve Minimum Number of Owners Tasks
      • Resolve Maximum Number of Owners Tasks
      • Resolve Orphaned Workspaces Tasks
      • Resolve Tenant Storage Limit Task
    • Manage Access
      • Manage External Sharing
      • Manage Users
    • Manage Workspaces
      • Request New Workspace
      • Request Workspace Access
      • Manage Workspaces
      • Manage Custom Metadata
    • Reporting
      • Syskit Icons Glossary
      • Inventory Reports
      • Schedule Reports
      • Alerts
      • Cleanup & Health Reports
      • External Sharing Reports
      • Access Reports
Powered by GitBook
On this page
  • Syskit Point Roles
  • Syskit Point Admins
  • Syskit Point Global Viewers
  • Syskit Point Exchange Admins
  • Syskit Point Collaborators
  • Setting up Role-Based Access
  • Syskit Point Admins
  • Syskit Point Global Viewers
  • Syskit Point Exchange Admins
  • Syskit Point Collaborators
  • Why Should You Enable Role-Based Access

Was this helpful?

  1. Configuration

Assign and Manage Access to Syskit Point

This article explains how you can enable Role-based Access in Syskit Point.

After deploying Syskit Point, your Microsoft 365 users can be given access to the Syskit Point web app.

By using the built-in role-based security of Syskit Point, you can easily manage who has access to Syskit Point and what features are available to them. Those assigned a role will be able to view all data collected from the Microsoft 365 tenant and perform actions based on the permissions granted to them in Microsoft 365 or have access to all data related to sites, Microsoft 365 Groups, and Microsoft teams.

  • Level of access depends on the roles assigned.

This allows site owners to perform Access Reviews on their site and complete Lifecycle Management tasks to determine which workspaces should be archived or kept.

Read on to learn more about the specifics of each role and how to assign them to your users.

Syskit Point Roles

Syskit Point offers four predefined access roles:

  • Syskit Point Admins

  • Syskit Point Global Viewers

  • Syskit Point Exchange Admins

  • Syskit Point Collaborators

Syskit Point Admins

Users with the Syskit Point Admins role assigned can:

  • see all data collected from your Microsoft 365 tenant

  • manage all settings in Syskit Point

  • perform actions based on the permissions granted in Microsoft 365

Syskit Point Global Viewers

Users with the Syskit Point Global Viewers role assigned can:

  • see all data collected from your Microsoft 365 tenant

They have Read-Only access and cannot execute actions or manage application settings.

Syskit Point Exchange Admins

Users with the Syskit Point Exchange Admins role assigned can:

  • access the Exchange Logs report exclusively

They have Read-Only access and cannot execute actions or manage application settings.

Syskit Point Collaborators

The only role in Syskit Point that is assigned automatically to users or security groups, based on their ownership permissions in the Microsoft 365 tenant. When signed in to Syskit Point, they can:

  • access all data related to Microsoft 365 workspaces where they are owners/administrators

  • perform actions based on the permissions granted in Microsoft 365

Additional options enable you to control if actions and specific reports are available to Collaborators in Syskit Point. All options are described in the following section.

Setting up Role-Based Access

To manage who has access to Syskit Point, navigate to Settings > Security > Manage Access (1) Here, you will find:

  • All Syskit Point roles (2) in a separate section

  • Toggle (3) that enables a particular role; by default, all roles except the Syskit Point Admin role are initially disabled

  • Tile with number of assigned users (4) for each role; the total number of users with the assigned role is displayed in the tile

  • Assign to role (5) button enabling you to add a user to a role easily

  • Save (6) button to save changes

Clicking the tile showing the number of assigned users per role opens a report for the corresponding role Here, you can:

  • See all users with the assigned role (1); by default, Company Administrator and SharePoint Service Administrator Azure AD Roles are automatically assigned with the Syskit Point Admin role

  • Assign (2) new users to the role; you can add users, Microsoft 365 Administration roles, security groups, and Microsoft 365 Groups

  • Export or schedule (3) the report

Additionally, you can remove a user from the role. To do so:

  • Select the user by clicking the checkbox next to the user name (1)

  • Click the Remove Access from Syskit Point (2) action

A dialog shows, asking you to confirm the removal action.

When the action is completed, the selected user no longer has access to Syskit Point.

Please note! Removing user access from Syskit Point will not remove a user from your Microsoft 365 environment.

Syskit Point Admins

During the initial user sync, Syskit Point will automatically add two Microsoft 365 administration roles (Company Administrator and SharePoint Service Administrator) as Syskit Point Admins. Any user in your Microsoft 365 environment with that role will automatically have full access to Syskit Point.

Please note! You cannot assign or remove a user from a Microsoft 365 administration role in Syskit Point.

Syskit Point Global Viewers

Global Viewers role gives the assigned users the ability to:

  • Sign in to Syskit Point

  • Generate, view, and schedule reports

  • See all data collected from Microsoft 365 However, Global Viewers will not be able to:

  • Execute actions

  • Manage Syskit Point settings

Syskit Point Exchange Admins

Syskit Point Exchange Admins:

  • Can view Exchange Log reports for your environment

  • Have Read-Only access on the Exchange Logs report

  • Cannot execute actions and manage application settings

Syskit Point Collaborators

The Syskit Point Collaborators role enables site admins, Microsoft Teams, and Microsoft 365 Group owners to:

  • Access Syskit Point

  • See all information collected from Microsoft 365 for workspaces that they have access to

  • Efficiently manage their workspaces by running actions; Collaborators can perform actions based on their assigned permissions in Microsoft 365 environment

  • See user data collected from Microsoft 365 for users they are the manager of

Please note! When the Collaborators role is enabled, Syskit Point automatically assigns site admins, Microsoft Teams, and Microsoft 365 Group owners to Syskit Point Collaborators role.

Additional options are available when the Syskit Point Collaborators role is enabled:

  • Give users read-only access (disable actions) (1); when enabled, Collaborators cannot run actions in Syskit Point

  • Add users with Full Control (2); when enabled, users with Full Control permissions on workspaces will be assigned with the Collaborators role in Syskit Point

  • Give users access to license reports (3); when enabled, Collaborators can access License reports

  • Give Collaborators access to subordinate user's activities (4); when enabled, Collaborators will be able to view the OneDrive tile, the Analytics & Usage tile, Audit log reports when accessing User details or workspaces they manage

Why Should You Enable Role-Based Access

Role-Based Access brings the following benefits:

  • Empowers all admins and owners (and users with Full Control permissions) to manage their workspaces

  • Gives admins and owners access to all reports and relevant information without disclosing the content they are not allowed to see

For example, Syskit Point Admin generates the User Access report. Instead of sharing the URL of the generated report to another Syskit Point Admin, they sent it to the Syskit Point Collaborator that doesn't have access to all the users on the said environment. This is where the Role-Based Access kicks in.

When said Syskit Point Collaborator opens the URL, the report will be generated but only contain users the Collaborator manages. Also, the report will only show workspaces that the Collaborator owns.

When Syskit Point Collaborator tries to drill to the user details page of a user they are not a manager of, they will be redirected to an Unauthorized Access page.

As demonstrated, the Role-Based Access provides a secure framework for collaboration in your Microsoft 365 environment.

PreviousSyskit Point Configuration GuideNextEnable Microsoft Teams Activity Tracking

Last updated 1 year ago

Was this helpful?

Settings - Manage Access
Manage Access - Syskit Point Admins
Manage Access - Remove
Collaborators - Options
Unauthorized access page