Role Based Access Control

Overview

Role-Based Access Control (RBAC) is a powerful feature designed to efficiently manage access within our platform. By assigning specific roles to users and defining their permissions, RBAC ensures that employees only access the information necessary for their job responsibilities. This enhances security, streamlines user management, and improves data protection.

Feature Details

  • Managing Users:

As a system administrator, you have access to a user-friendly UI for effective user management. This includes:

  1. Creating new users with specific names, roles, and passwords.
  2. Deleting user accounts when necessary.
  3. Updating user information and resetting passwords.
  4. View a comprehensive list of all users for quick reference and updates.
  • Managing Roles:

The role management UI allows administrators to:

  1. Create new roles with distinct names and assign specific permissions.
  2. Edit existing roles to modify permissions.
  3. Delete roles no longer needed to maintain an organized RBAC structure.
  4. View a comprehensive list of all roles for quick reference and updates.
  5. Linking Permissions to Roles:
    Administrators can seamlessly link permissions to modules and functionalities within the platform. This functionality enables:
  • Assigning relevant permissions to individual roles to control access levels.
  • Providing flexibility to link specific permissions to multiple roles, optimizing access control granularity and data security.
  1. Predefined system roles and privileges include:
    1. Admin: Manages access and permissions across all modules.
    2. Creator: Creates campaigns, views dashboards, and analytics.
    3. Maker (if enabled for the panel): Sends campaigns for approval, publishes post-approval, and views dashboards.
    4. Checker (if enabled for the panel): Approves or rejects campaigns, accesses dashboards.
    5. Analyst: View-only access to all modules; default role for invited users.
      Custom Roles:
      Marketers can create custom roles based on specific requirements. To set up a custom role:

Define components and permissions related to the component.
Specify access levels such as view, create, edit, delete, and more.
Customize permissions according to organizational needs and workflows.

FAQs:

How to get started?
To get started with RBAC, administrators can follow these simple steps:

  1. Enable RBAC: Reach out to [email protected] or your account manager to enable RBAC for your account. Once enabled, RBAC will be available for configuration within your platform's settings.
  2. One-Time Activity for Users: Since RBAC is a new feature, all panel users will be allotted relevant system roles as a default. For example, Admins will remain Admins, while Makers and Checkers will be migrated as makers and checkers respectively. However, all other panel users will be assigned the Admin role by default. To customize roles for these users:
    1. Create a custom role relevant to your organization's needs. For example, you may create a "Campaign executioner" role with specific permissions for handling customer queries.
    2. Assign this custom role to the relevant users and manage access effectively.
  3. Role Deletion Impact: Note that any new user (if not specified) will be assigned the Analyst role by default. If a role is deleted, the impact will depend on the user's existing roles:
    1. If the deleted role was the only assigned role, the user will be assigned the Analyst role.
    2. If multiple roles were assigned to the user, the remaining roles will be merged.

Modules Not Supporting RBAC currently:

RBAC is not applicable for the following modules due to various reasons such as technical limitations, ongoing revamps, or specific design considerations. For these modules, all users will have access:

  1. WPN campaign
  2. In-app campaigns
  3. Web message campaigns
  4. Integrations page
  5. Contact overview
  6. Email Templates (HTML & AMP)
  7. Webhooks

πŸ“˜

Note

  • Admins, Makers & Checkers will get migrated as they are in the new RBAC as per permissions defined.
  • Sub admins will be migrated as Admins. To assign a different role for such users, create a custom role with desired permissions and assign it to users.
  • System roles, except admin will all have masked data setting enabled owing to security reasons.