Skip to main content

FedRAMP Security Admin Guide

This guide describes how to securely set up, configure, operate, and decommission top-level administrative accounts in Devin Desktop. It covers administrative role definitions, account lifecycle procedures, and all admin-controlled security settings with their associated functions, security impacts, and recommended values.
This guide is written for the Devin Desktop FedRAMP deployment which runs on AWS GovCloud. The FedRAMP deployment uses a dedicated enterprise portal and SSO-based authentication (OIDC or SAML 2.0). Some features described in other Devin Desktop documentation for the SaaS offering are not available in the FedRAMP environment.

Administrative role definitions

Devin Desktop uses a Role-Based Access Control (RBAC) system to govern administrative privileges. Roles are managed through the Admin Portal under the Role Management settings section and can be assigned to individual users.

Built-in roles

Devin Desktop provides two built-in roles that cannot be deleted.

Custom roles

Administrators can create custom roles to implement the principle of least privilege. Custom roles are composed of granular permissions selected from the categories below. To create a custom role, navigate to the Admin Portal and open the Role Management section under Settings.

Permission reference

The table below lists every permission available for role assignment in the FedRAMP deployment. Each permission controls access to a specific administrative function.
A number of these permissions (such as Attribution, License, SSO, Indexing, Fine-Tuning) exist in the RBAC system but their corresponding portal pages are not available in the FedRAMP multitenant deployment. These permissions are included in the role management UI for completeness but do not grant access to any active features in this environment.

Admin account lifecycle procedures

This section describes the end-to-end lifecycle of a top-level administrative account, from initial creation through decommissioning.

Account setup

SSO-based onboarding is the primary provisioning method in the FedRAMP deployment. The platform supports both OIDC and SAML 2.0 for Single Sign-On integration. Users authenticate through the configured identity provider, and after the user’s first login creates their account, an administrator assigns the appropriate role through the Admin Portal. Note that SSO integration in the FedRAMP environment requires coordination with the Devin Desktop FedRAMP team and cannot be configured in a self-serve capacity. Every new admin account should be configured according to the principle of least privilege. Prefer custom roles with only the permissions needed for the administrator’s responsibilities rather than assigning the full Admin role unless the user requires complete system access.

Authentication and MFA requirements

The FedRAMP deployment uses Single Sign-On exclusively, supporting both OIDC and SAML 2.0 protocols. Email and password authentication is not available. All users must authenticate through the configured identity provider. Multi-Factor Authentication (MFA) is enforced through the organization’s identity provider. Devin Desktop inherits the MFA policies configured in the connected IdP, meaning that all authentication strength requirements (such as requiring a second factor, phishing-resistant authenticators, or conditional access policies) are governed at the IdP level. Organizations should configure their IdP to require MFA for all users accessing the Devin Desktop application, particularly for accounts holding administrative roles.
Devin Desktop strongly recommends requiring MFA for all administrative accounts. Configure your identity provider to enforce MFA as a condition for accessing the Devin Desktop application.

Account configuration

After an administrative account is created, the following configuration steps should be completed. Role assignment determines the scope of the account’s administrative access. Assign roles through the Admin Portal by navigating to the Manage Team tab, locating the user, clicking Edit, and selecting the appropriate role from the dropdown. Changes take effect immediately. Service key management is required when the administrator needs API access for automation or analytics. Service keys are created under Settings with scoped permissions matching the key’s intended use. Each service key should be named descriptively (for example, “Analytics Dashboard”) and assigned a role with the minimum permissions required.

Account operation

Ongoing operational practices for administrative accounts include the following. Regular access reviews should be conducted to verify that administrative accounts still require their current level of access. Review the list of users with the Admin role periodically through the Manage Team tab and adjust roles as responsibilities change. Activity monitoring is available through the built-in analytics dashboards. Administrators with Analytics Read permission can track user activity, engagement metrics, and feature usage. The Analytics API provides programmatic access to this data for integration with external monitoring systems. Service key rotation should be performed on a regular schedule. To rotate a key, create a new service key with the same permissions, update the consuming system to use the new key, and then delete the old key.

Account decommissioning

When an administrator no longer requires access, the account should be decommissioned promptly using the following procedure.
1

Revoke administrative role

Navigate to the Admin Portal, open the Manage Team tab, locate the user, click Edit, and change their role from Admin to User (or a custom role with no administrative permissions).
2

Revoke service keys

Delete any service keys that were created by or exclusively used by the departing administrator. Navigate to Settings, then Service Key, and delete the relevant keys.
3

Remove or deactivate the account

Remove the user through the Manage Team tab by clicking Delete next to their name. This will deactivate the user’s Devin Desktop account and release their license seat.
4

Review residual access

Verify that the decommissioned account no longer appears in any administrative role by checking the Manage Team user list filtered by the Admin role. Confirm that all service keys associated with the account have been deleted.
Decommission administrative accounts immediately when an administrator changes roles or leaves the organization. Delayed decommissioning creates unnecessary security exposure.

Security settings reference

The table below documents all admin-controlled security settings available in the FedRAMP deployment’s Admin Portal. Each entry describes the setting’s function, its security impact, and the recommended configuration for a security-conscious deployment. Last updated: January 28, 2026