What Is An Edgescan Superuser?

Version Number: v1.0.3

Published Date: 2 Dec 2025

____________________________________________________________________________

There are a handful of changes added in here in anticipation of the Edgescan Roles release for users. This will allow permissions to be grouped into templates called roles and will replace superuser permissions.

A superusers permission cannot be edited by another superuser. You must make a request to the Edgescan support team if you wish a change to be made to an existing super user.

Superusers can send password reset emails for other superusers

By default a superuser has the following permissions:

Manage permissions assume you have Create, Read, Update permissions. Delete on resources may not be available as a default for auditing purposes.

User Permission

Resource	Resource Name	Resource Description
User	View	View Users in current users organization
User	Edit	Create User alerts
		Update User alerts
		Delete User alerts
		Update User
		Lock User
		Unlock User
		Reset Password
		Reset Email
		Set OTP secrey
User	Create	Create User
User	Delete	Delete User

Roles Permission

Resource	Resource Name	Resource Description
Role	View	View Roles
Role	View	View Role Permissions
Role	Create	Create New Roles
Role	Edit	Edit Roles
		Add Role Permissions
		Update Role Permissions
		Delete Role Permissions
		Bulk Create Role Permissions
		Bulk Delete Role Permissions
Role	Delete	Delete Role

Permission Permission

Resource	Resource Name	Resource Description
Permission	View	View permissions on target user
Permission	View	Resolve permissions on target user
Permission	Edit	Grant permissions on target user
Permission	Edit	Deny permissions on target user
Permission	Create	Create permissions on target user
Permission	Delete	Delete permission on target user

Asset Permission

Resource	Resource Name	Resource Description
Asset	View	View assets
		Retest asset
		Scan Freeze windows
		View API Descriptors
		Download API Descriptors
		Download API Descriptor Status
		Create API Descriptors
		Create API Descriptors from URL
		Validate Users permitted to access API Descriptor files
		View Assessments
		View location specifiers
		Check existence of location specifiers on scope Organization
		View Schedules on Asset
		View annotations
		Create annotations
		Update annotations
		Delete annotations
		View tags
Asset	Create	Create an Asset
		View available licences for current users organization
		Create Licence if User also has Edit Licence permission
		Destroy Licence if User also has Edit Licence permission
Asset	Edit	Update an asset
		Initiate scanning
		Assign Licences
		Unassign Licences
		Create a container upload
		Update API Descriptors
		Delete API Descriptors
		Create a container image
		Delete a container image
		Create Location specifiers
		Update Location Specifiers (you can only edit location_specifiers if the asset is staged & you have the edit location_specifier permission)
		Delete location specifiers (you can only delete location_specifiers if the asset is staged & you have the delete location_specifier permission)
		Create tags
		Delete tags
Asset	Delete	Delete asset is only available when the asset is in a staged state.
Asset	edit_credentials	Create asset credentials
		Update asset credentials
		Delete asset credentials
Asset	manage_assessments	Start an assessment
		Pause an assessment
		Resume an assessment
Asset	discard_vulnerabilities	Accept risk of an asset
Asset	discard_vulnerabilities	Bulk mark risk acceptance
Asset	manage_licence_auto_renewal	Manage auto renewal of licences on an asset
Asset	cancel_scans	Cancel scans on an asset
Asset	edit_risk_ratings	Update vulnerabilities rating on an asset
Asset	edit_risk_ratings	Batch update vulnerability scores
Asset	manage_pause_schedule	View pause schedules
		Create pause schedules
		Edit pause schedules
		Delete pause schedules

Assessment Permission

Resource	Resource Name	Resource Description
Assessment	View	View Assessments

Organization Permission

Resource	Resource Name	Resource Description
Organization	View	View Organizations
Organization	Edit	Edit Organization detail
Organization	edit_options	Global settings feature
Organization	licence_oversight	View licence utilization summary on organization
Organization	edit_slas	Create SLAs
		Edit SLAs
		Delete SLAs
		Bulk replace SLAs
Organization	tag_oversight	Adds check oversight permissions
Organization	manage_licence_auto_renewal	Manage auto renewal of licences on an organization.

EASM Permission

Resource	Resource Name	Resource Description
EASM Investigations	View	View EASM Investigations
EASM Investigations	Create	Create EASM Investigations on an Organization
		Create EASM Investigation schedules
		Create EASM Scan on Investigation
EASM Investigations	Edit	Edit EASM Investigations
EASM Investigations	Edit	Edit EASM Investigation schedules
EASM Investigations	Delete	Delete EASM investigations

Location Specifier Permission

Resource	Resource Name	Resource Description
Location Specifiers	View	View location specifiers on an asset
Location Specifiers	Create	Edit location specifiers on an asset
Location Specifiers	Create	(you can only edit location_specifiers if the asset is staged)

Orders and Licences Permission

Resource	Resource Name	Resource Description
Orders	View	View Order Items
Licences	View	View Licences
Licences	Edit	Assign Licences
Licences	Edit	Unassign Licences

Opt In Permission

Resource	Resource Name	Resource Description
Opt In	View	view opt in
Opt In	Create	create opt in
Opt In	Edit	update opt in

AI Insights Permission

Resource	Resource Name	Resource Description
AI Insights	View	view insight
AI Insights	Edit	edit insight

Shared Credential Permission

Resource	Resource Name	Resource Description
Shared Credential	View	View shared credentials and their details
		View credential types, scopes, and roles
		View associated assets and authentication workflows
Shared Credential	Create	Create new shared credentials
		Define credential information (SSH, SMB, NTLM, ESXi, OAuth, Dynamic Form, Basic Auth)
Shared Credential	Edit	Edit existing shared credentials
		Update credential information, descriptions, scopes, and roles
		Change organization assignment if user also has create permission on target organization and no authentication workflows are assigned
Shared Credential	Delete	Delete shared credentials not assigned to authentication workflows

Scanner Automation Workflow Permission

Resource	Resource Name	Resource Description
Scanner Automation Workflow	View	View the details of scanner automation workflows and their scanner interaction steps.
Scanner Automation Workflow	Create	Create new scanner automation workflows by uploading chrome recording files.
Scanner Automation Workflow	Edit	Edit existing scanner automation workflows and their scanner interaction steps.
Scanner Automation Workflow	Delete	Delete scanner automation workflows.

Jumpbox Permission

Resource	Resource Name	Resource Description
Jumpbox	View	View jumpboxes

Pause Schedule Permission

Resource	Resource Name	Resource Description
Pause Schedule	View	View pause schedules
Pause Schedule	View	View pause windows
Pause Schedule	Create	Create Pause Schedule
Pause Schedule	Edit	Edit Pause Schedule
Pause Schedule	Delete	Delete Pause Schedule

Scan Profile Permission

Resource	Resource Name	Resource Description
Scan Profile	View	View Scan Profile

Assessment Config Permission

Resource	Resource Name	Resource Description
Assessment Config	View	View Assessment Config

Definition Permission

Resource	Resource Name	Resource Description
Definition	View	View Definitions

Keep in mind, a superuser can only assign permissions they have themselves.