Delegated and tenant access

You can limit administrative access to Enterprise Threat Protector (ETP) by enabling delegated access or tenant access:
  • Delegated access. A super administrator grants an ETP user administrative access to specific locations, policies, and custom lists. A delegated administrator can create locations, policies, and custom lists, view all locations, policies, and custom lists and manage assigned locations, policies, and custom lists. They can also perform additional tasks such as view reporting data, schedule a report, and more. For more information, see Delegated access.
  • Tenant access. Similar to delegated access, tenant access is used by Managed Service Providers (MSP) to restrict and create separate access for individual customers. A super administrator grants tenant access and assigns a tenant administrator to specific locations, policies, and custom lists. Unlike a delegated administrator, a tenant administrator cannot view settings associated with locations, policies, and custom lists they are not allowed to manage. They also cannot perform additional configuration operations in ETP. For more information, see Tenant access.