User Permissions in SpinOne for Google Workspace

Need more Google Workspace users to manage your SpinOne Data Protection Platform? Assign additional user permissions to delegate customized access to SpinOne.

Written By Davit Asatryan (Administrator)

Updated at February 26th, 2024

Initially, only the Root Administrator of the SpinOne account will have access to the SpinOne platform. However, it is extremely easy to delegate customized access to other users based on what's required for them.

In this article, we will discuss how to:

1) Assign additional permissions to other users

2) Understand what each permission set entails

Assigning Additional Permissions to Other Users

To get started, login to your SpinOne account.

Head to the Users section from the left panel to enter the User Management Console.

Click on the User you would like to provide permissions to, in order to open up their Auto-backup and Permissions Settings.

Select Permissions from the newly opened window.

Now you can easily customize the permissions set for this user.

If you would like to update permissions for ALL users, or for a certain Organizational Unit, select Permissions from the Settings on the top right of the current screen.

Now, the permissions chosen on this page will be updated for the selected Users.

Click Update once you're done and the permissions will be automatically applied.

Understanding What Each Permission Set Entails

It is important to understand what each permission set entails in order to correctly delegate access to anyone needed.

You can delegate an end user with the ability to simply login, and manage their own data by providing the following permissions:

- Login - ability to login to the SpinOne platform

- Restore - allows the user to restore their own data

- Download - allows the user to download their own data

In order to provide Administrative privileges, first, ensure that these three permissions are enabled and then proceed to provide further permissions.

Start off by enabling the Grant Admin Permissions toggle. Once this has been enabled, this User is automatically marked as an administrator on the SpinOne console. Enabling this will now allow you to customize the rest of the administrative permissions. The administrator will by default be able to view all Users, unless access is restricted to a certain OU.

Now let's go through what each permission means:

- Manager users - ability to activate new users, change permissions

- Manage superuser - ability to see and manage the Root Administrator account

- Change account and user settings - access to the Account Settings to manage automation, reporting, backup frequency, reporting, etc.

- Manage data (browse, read) - ability to view user data and preview emails

- Billing - ability to add licenses, change plans and manage payment 

- Restore - ability to launch restores of accessible user data (includes cross-user restoration)

- Download - ability to export backed up data to a local device

- Preview Item - ability to preview emails from the UI

- Delete users - ability to remove licenses from active users

Once these permissions have been updated, the user can access the SpinOne platform in the same manner as the Root Administrator: initially by OAuth (using "Sign in With Google"), and then with the ability to create their own unique SpinOne credentials.

If you would like an administrator to only have access to Users from a certain OU, restrict their access to those OUs by following these steps:

Head to the Org. units management section found in the Settings on the top right of the Users management console.

Here, you will find an updated list of your OUs, their administrators and where their data is being backed up.

Find the OU that you would like to assign to an administrator and click on the pencil to manage its administrators.

Search for the User, select them, and click on the + on the right.

Now, this user account can only access and manage (based on their permissions) users from the specified Organizational Unit.

You can add more administrators to the same OU or remove these administrators as necessary.

Was this article helpful?