Added the Port support permissions documentation

docs/generalTemplates/_support_user_permissions.md

@@ -0,0 +1 @@
+Port's support team may require access to your organization to provide technical assistance. This access is controlled through support user permissions which can be edited in the [Builder](https://app.getport.io/settings/data-model) page of your portal under the `Organization settings` in the left sidebar.   

docs/security.md

@@ -5,6 +5,8 @@ sidebar_label: Security & Compliance
 sidebar_class_name: custom-sidebar-item sidebar-menu-security
 ---
 
+import SupportUserPermissions from "/docs/generalTemplates/_support_user_permissions.md"
+
 # Security & Compliance
 
 Port is an internal developer portal platform and as such we place the utmost importance on data security, privacy and compliance, so that you can trust that your security needs are met.
@@ -75,6 +77,18 @@ Every Port account receives its own dedicated database for data storage, access
 
 Customer data is never transferred or stored on employee machines or devices.
 
+### Support user access
+
+<SupportUserPermissions/>
+
+It includes several security measures:
+
+- Support user actions are not logged in your audit log.
+- You can set the access duration or disable support access completely.
+- Emergency access requires dual approval (organization + Port).
+
+For more information, see the [support user permissions](/sso-rbac/users-and-teams/manage-users-teams#support-user-permissions).
+
 ### Data retention
 
 Data ingested into Port by its users is managed by them, and if not deleted by the user, will be retained indefinitely.

docs/sso-rbac/rbac-overview/rbac-overview.md

@@ -1,3 +1,5 @@
+import SupportUserPermissions from "/docs/generalTemplates/_support_user_permissions.md"
+
 # Port RBAC capabilities overview
 
 This page provides a comprehensive summary of all of Port's RBAC capabilities, and links to their associated documentation pages. They are grouped into 3 key topics:
@@ -134,6 +136,12 @@ In addition to the permissions designated for each role, permissions are also in
 
 For more details about Port roles, see the [relevant documentation](/sso-rbac/users-and-teams/manage-users-teams#roles--permissions).
 
+### Support user access
+
+<SupportUserPermissions/>
+
+For more information, see the [support user permissions](/sso-rbac/users-and-teams/manage-users-teams#support-user-permissions).
+
 ### Blueprint permissions
 
 Blueprint permissions allow a granular configuration of the various roles: admin, member or blueprint collaborator. 

docs/sso-rbac/users-and-teams/manage-users-teams.md

@@ -5,6 +5,7 @@ sidebar_position: 1
 import PortTooltip from "/src/components/tooltip/tooltip.jsx"
 import BetaFeatureNotice from "/docs/generalTemplates/_beta_feature_notice.md"
 import PortApiRegion from "/docs/generalTemplates/_port_api_available_regions.md"
+import SupportUserPermissions from "/docs/generalTemplates/_support_user_permissions.md"
 import Tabs from '@theme/Tabs';
 import TabItem from '@theme/TabItem';
 
@@ -424,3 +425,19 @@ Port service accounts are treated like any other users and extend the same RBAC
 Service accounts can easily be disabled at any time. To disable a service account, update it's `status` property to `Disabled`.
 Disabled service accounts can no longer generate new API tokens or use existing ones. Disabled service accounts can be re-enabled at any time by updating the `status` property back to `Active`.
 
+## Support user permissions
+
+<SupportUserPermissions/>
+
+### Access duration
+
+Support user access is enabled by default.  
+You can define how long this access will be valid: **1 week**, **1 month**, **1 year**, **Permanent access (default)**.
+
+:::info Emergency access
+
+In critical situations, Port can request emergency access to your organization even if support user permissions are disabled. This requires:
+
+1. **Organization approval** - the organization admin must approve the emergency access request.
+2. **Port approval** - Internal Port approval process.
+:::