- Updated on Apr 25, 2022
The Banyan Command Center allows you to use templates to define User Roles. These roles combine user attributes and device attributes into a single construct and then enforce security based on those combined attributes.
This article outlines how to configure common roles.
Create a User Role
To create a User Role, complete the following steps:
1. In your organization’s Banyan Command Center, navigate from Secure Access > Roles, and then select + Add Role.
2. Select the User Role template.
3. Under Role Details, configure the Role Name and Description.
4. Select + Add Role Attribute to get a list of Attributes that can be used to create the Role. The attributes are as follows:
By Group -> Enter the name(s) of the Group(s) that match the ones on your IDP
By Email -> Enter the relevant email address(es)
By Device Ownership -> Select an option or multiple options from the dropdown to ‘Only include devices with the following properties’:
Corporate Dedicated Corporate Shared Employee Owned Other
By Device Registration -> Select an option from the dropdown to ‘Only include known devices (devices that have been registered with Banyan)’:
By Device Management -> Select this option if you want to ‘Only include devices that have the Banyan App deployed by MDM’
By Platform -> Select an option or multiple options from the dropdown to ‘Only include devices with the following Operating Systems’:
Windows MacOS Linux iOS Android Other
Note: Role attributes can be classified as either User based or Device based. Group and Email are User based attributes. You can create a Role based on either Email or Group, but not based on both together.
The remaining four attributes are Device based. You can create a Role based on either or all of these attributes together.
Lastly, you can create a Role based on both User based and Device based attributes.
5. Select Add Role to complete the process.