Creating roles that can create and manage customer's Privileged Access Service
Only members of the System Administrators role or a role that has the Customer Management administrative right can view, create, disable, or log in to customer Privileged Access Service. You create roles and add administrative rights to them from the Roles page in the Admin Portal.
The Customer Management administrative right is only available on Managed Service Provider accounts. For all other accounts, this administrative right is not displayed. For example, the administrative rights available when your customer’s system administrator lists the Administrative Rights does not include Customer Management.
See Assigning users to roles to continue and then go to Admin Portal administrative rights to add the administrative rights that allow the user to log in to Admin Portal. To give a role the ability to create, disable, and log in to customers’ Privileged Access Service, add the Customer Management administrator right to the selected role.