Organization & Access
Users, roles, networks, API keys, and tags.
Organizations
Organizations are the top-level container in Scanopy. Every user belongs to exactly one organization, and all networks, hosts, and services exist within that organization.
Organizations are automatically created during registration and cannot be manually created or transferred.
Roles
| Role | Can Do |
|---|---|
| Owner | Everything, including organization settings and inviting Admins |
| Admin | Everything Members can do, plus invite/remove Members, manage tags |
| Member | Create/edit entities; run discoveries; manage daemons; invite Visualizers |
| Viewer | View entities only |
Account creation is invite-only — there is no self-registration. Invite users via Platform > Users — generate an invite link, select the invitee's role and which networks they may access, and share the link or send it by email.
Removing a user revokes all of their API keys, pending invitations, and network access grants.
Networks
Networks are the primary organizational unit. Each network represents a distinct environment with its own hosts, services, and topology.
Common patterns:
- Separate networks for production vs. development
- One network per physical location
- Distinct networks for different security zones
Network Access
Users can be restricted to specific networks within an organization. When inviting a user, select which networks they may access — all data queries are filtered to those networks. This allows granting a contractor or external partner visibility into only the networks relevant to them while keeping other environments hidden.
Credentials
Credentials store authentication details (SNMP community strings, Docker Proxy certificates) that daemons use to gather data during discovery. Credentials are organization-scoped — they can be assigned to any network or host within the organization.
Manage credentials via Assets > Credentials. See Credentials for types, scopes, and assignment.
API Keys
Each daemon requires its own API key. Create keys via Platform > API Keys or during daemon setup. Use one key per daemon — don't share keys between daemons.
Tags
Tags provide organization-wide labels for categorizing and filtering entities. Apply tags to hosts, services, subnets, networks, groups, and daemons.
What Tags Are For
- Environment classification: production, staging, development
- Criticality levels: critical, high, medium, low
- Ownership tracking: team-a, team-b, contractor
- Lifecycle status: deprecated, migrating, new
- Compliance: pci-scope, hipaa, gdpr, internal-only
Tag Scope
Tags are defined at the organization level:
- The same tag can be applied across all networks
- Tag definitions are shared by all users
- Deleting a tag removes it from all entities
Example Tag Schemes
By environment and criticality:
production + critical → Core infrastructure
production + standard → Supporting services
staging + low-priority → Test environments
By team ownership:
platform-team → Infrastructure, databases, networking
frontend-team → Web servers, CDN, static assets
data-team → Analytics, ETL, data warehouses
For compliance audits:
pci-scope → Systems handling payment data
hipaa → Healthcare data systems
gdpr → EU user data processing
internal-only → No external exposure allowed
Manage tags via Platform > Tags. You can also create tags inline while editing any entity.