Pckgr is moving all users from Winget to our Private Repository!
Read how to upgrade your apps with one simple click.
WebsitePckgrBlog

RBAC - Role Based Access Controls

Learn how to implement user restrictions across your Dashboard.

RBAC – Role-Based Access Controls

Pckgr now supports Role-Based Access Controls (RBAC), giving administrators precise control over who can view, deploy, and manage applications across different customer environments.

This feature is currently in Beta. We encourage you to submit feedback here so we can continue to refine the experience. We have further plans to expand RBAC support—including company access overviews.

Administrator Role

Team members can be assigned Administrator privileges from the My Teams section of the dashboard. Administrators have full access to:

  • Add or remove companies and tenants from My Companies

  • Invite new users or remove existing ones

  • Assign company-level access permissions to other users

  • Access all companies/tenants Application Libraries for deployments

Administrator access is toggled via the plus button next to a user’s name in the My Teams list.

Restricting Users to Specific Companies

In multi-tenant environments, non-admin users can be restricted to view and manage only specific companies.

To restrict access:

  1. Go to My Teams in your dashboard.

  2. Click the plus (+) button next to the team member’s name.

  3. In the drop-down, select one or more companies that the user should have visibility over.

  4. Click Save to apply the changes.

Once restricted, the user will only see the companies they have access to when viewing the Application Library. The company dropdown selector at the top of the Application Library is filtered accordingly.

Users without administrator rights will not be able to access companies they have not been explicitly assigned.

Custom Application Scoping

When creating a new Custom Application, you can assign it to one or more companies. This ensures that only users with access to those companies will see the app in the Application Library for deployment.

Key behavior:

  • Custom apps scoped to a company will only be visible to users with access to that company.

  • This restriction applies to both viewing and deploying the app.

  • Scoped custom apps still follow the same packaging and update automation workflows.

Managing RBAC Settings

All RBAC controls—both Administrator assignment and Company restrictions—are managed through the plus button next to each user in My Teams.

You can modify permissions at any time, and changes take effect immediately across the user’s dashboard.

RBAC in Policy Manager

Role-Based Access Control (RBAC) is fully integrated into the Pckgr Policy Manager to ensure that users working in Managed Service Provider (MSP) environments only have access to the companies and policies they are permitted to manage.

When RBAC restrictions are applied to a user:

  • Company Selector: The Company Selector at the top of Policy Manager will only display the companies (tenants) that the user has been granted access to. This prevents them from viewing or managing policies for other connected companies.

  • Audit Logs Filtering: The Audit Logs section automatically filters results to show only policy events that occurred in the companies the user has access to. This applies to all event types including backups, restores, clones, deletions, and syncs.

This approach ensures security and access protocols are maintained, limiting each user’s visibility and control strictly to their assigned scope.

PreviousAdding Team MembersNextCreating Deployments

Last updated