Skip to main content

Governance intelligence for access, cloud, and SaaS. Now in early access

Nuxari
Roles and Permissions

Nuxari internal roles

Nuxari operates a set of internal roles for its own staff. These roles are separate from your organization's roles and cannot be assigned or viewed by customers.

Last updated: June 2026

Who this is for

Any customer who wants to understand what Nuxari internal roles are, why they are not visible in the tenant UI, and how Nuxari staff access is governed.

What Nuxari internal roles are

Nuxari has its own operational staff: the people who operate the platform, respond to support requests, and manage security and compliance for Nuxari as a service. These staff members have their own role system — the Nuxari Internal Roles — which is separate from your organization's client tenant roles. Nuxari internal roles are used exclusively by Nuxari employees and cannot be assigned to, viewed by, or managed by customers.

Why you cannot see Nuxari internal roles in your tenant

If you open the role assignment interface in your Nuxari tenant and do not see any "Nuxari internal" role options, that is correct and expected. These roles are not exposed in the customer-facing interface because customers do not assign, manage, or interact with them. They exist in Nuxari's own operational infrastructure, not in your tenant.

Not seeing Nuxari internal roles in your role assignment UI is not a bug or a missing feature. It is the correct behavior. Your available roles are the eight client tenant roles described in the Roles and Permissions overview.

How Nuxari staff access is governed

Nuxari applies access controls to its own staff using the same principles it recommends to customers: least privilege, just-in-time access, and audit logging. When Nuxari staff need to access customer data for legitimate support or operational purposes, that access:

  • Is scoped to the minimum necessary for the task.
  • Is governed by Nuxari's internal access policies.
  • Is audited.
  • Does not override your tenant's data isolation boundaries without a legitimate reason.

The Nuxari internal role families

For transparency, Nuxari publishes the existence of its internal role families without disclosing internal procedures or access details. The internal roles cover:

  • Nuxari Super Admin — reserved for Nuxari platform operations with the broadest internal access. Tightly controlled.
  • Nuxari Support Admin — for Nuxari support administrators who need to assist customers with escalated issues.
  • Nuxari Support Agent — for Nuxari support staff responding to customer tickets and questions.
  • Nuxari Security Operator — for Nuxari's internal security monitoring and incident response team.
  • Nuxari Compliance Manager — for Nuxari's internal compliance and audit functions.

None of these roles are available to customers. They cannot be assigned in your tenant, and they do not appear in your role management interface.

If you receive a request from someone claiming to be Nuxari staff and asking you to assign them an "internal role" or to share credentials, treat it as suspicious. Legitimate Nuxari support will never ask you to assign internal roles or share secrets. Contact security@nuxari.com if you receive such a request.

Related docs

Roles and Permissions Overview

All eight client tenant roles and the two role families

Security Model

Trust and security principles built into Nuxari

Workspaces and Roles

How workspaces and client roles are organized

Was this page helpful?