About the permission of a role for a user:
As far as my understanding goes- only having the 3rd as ON should allow the user with that role to delete a profile.
However, I tried different combinations of all 3 options and I can’t get to a situation where a user in this role can associate a profile with a device/group but cannot delete a profile.
What am I missing?
|Manage profiles and alerts (read only)
|Association profiles with devices. Parent permissions are "manage.profiles", "inventory.devices", "inventory.users", "inventory.devices.actions"
|Manage profiles and alerts (full control). Parent permissions are "manage.profiles" and "inventory.devices"
Users, or more appropriately called end-users, are the customers of your Clients/Companies. These end-users are not allowed to delete profiles.
You can learn more about Role Based Access Control for Users here:
Staff, on the other hand, are the people directly working for you. These are the people, if given permission, that have access to end-users and devices. They can add/remove devices, modify users and create/delete profiles.
You can learn more about staff/administration management here:
You can also learn more about their roles and capabilities here: