Cloud Gateways Switching WiFi Physical Security Integrations
What's New Support
User
Sign Up UniFi Site Manager
Help Center Help Articles Professional Support Professional Integrators Community RMA & Warranty Downloads Tech Specs
User
Sign Up UniFi Site Manager
Help Center Help Articles Professional Phone Support Professional Integrators Community RMA & Warranty Downloads Tech Specs
Cloud Gateways Switching WiFi Physical Security Integrations

Social

Facebook Twitter Youtube Instagram

Company

Careers Contact Us Investors

Training

Courses Calendar Trainers Become a Trainer

Tools

WiFiman UISP Design Center
  1. Ubiquiti Help Center
  2. UniFi
  3. Getting Started with UniFi

UniFi Roles Explained: Admins and Users

UniFi uses a role-based access control (RBAC) model that separates Admins, who manage UniFi infrastructure, from Users, who interact with UniFi services such as WiFi, VPN, and Door Access. How these roles and permissions are managed depends on whether you are using UniFi Fabrics for centralized, multi-site access control or operating individual sites.

UniFi Fabrics & Roles

UniFi Fabrics introduce a centralized way to manage people, roles, and permissions across multiple sites. Instead of assigning access on a per-site basis, Fabrics allow roles to be defined once and applied consistently across all applicable sites. Furthermore, it enables zero-trust network security through the use of Identity Endpoint, which supports secure SAML SSO when using services like one-click WiFi, one-click VPN, or smart door access.

For an overview of Fabrics, check out this UniFi Academy Topic.

To learn how roles and permissions work in Fabrics, see UniFi Fabrics: Managing People, Roles, and Permissions.

Admins (Single-Site / Non-Fabric)

Admins are accounts that can access the UniFi management interface from Site Manager, or directly from the offline, local interface

Common admin roles include:

  • Owner: The account that originally set up a UniFi Console and has the highest level of access.
  • Super Admin: Full administrative access to a site, except for a select few functions available only to Owners.
  • Hotspot Operator (Network): Manage guest WiFi hotspots.
  • Door Attendant (Access): Open doors and communicate with visitors.

To learn more about adding Admins, click here.

Users (Single-Site / Non-Fabric)

Users are people configured in UniFi to interact with UniFi services as part of daily operations but do not access the UniFi management interface.

Examples include:

  • Connecting to WiFi
  • Accessing a VPN
  • Unlocking doors
  • Using other UniFi services assigned to them

User permissions are granted by Admins, and determine which services they can use. To learn about creating Users, click here.

Was this article helpful?