Roles
With Roles Based Access Control (RBAC), you can now create and edit roles within the Agent Connect platform to support varied workflows and functions that may not have fit into the default Agent Connect Roles in the past.
While we have retained the default roles you are used to (Team Member, Team Leader, and Admin), and the permissions for these roles and their data scope are very closely aligned to the original roles we highly recommend reviewing and adjusting the default roles to best fit your organization's needs.
Please note that all users within the platform will be retained in the same default role which they were set to prior to the activation of RBAC. For example, all Team Leaders within your organization will now be listed in the Team Leader [Default] role.
We will walk you through some of the key updates and settings to review with the introduction of RBAC so you can adjust the roles as needed to work best for your teams. For a detailed guide to data scope and permissions please refer to our Data Scope Definition & Permissions Glossary Guide. Additional guidance on creating and managing Roles can also be found here.
Review and edit default roles
Our new Manage Team page makes it easier than ever to understand which users within your organization are within each role, and to review and customize the permissions associated with each role. The role of each user will be listed in the row representing their account but you can also leverage the 'Role' filter to view active users within a specific role.
To review the permissions and data scope granted to each of the roles select the 'Roles' tab.
On the 'Roles' tab you will see the three default roles (Team Member, Team Leader, and Admin) with the total number of users assigned to each role and the number of active permissions within each role. You can review the settings for each role by clicking on the name of the role or selecting the settings icon and choosing 'Edit Role'. A slide out will then appear with the settings for each role.
Create a custom role
Custom Roles allow you to expand your available user roles beyond the default Team Member, Team Leader, and Admin roles. We provide role templates for common personas that include default permissions and scope settings based on the intended use of the platform by that type of user.
From the 'Roles' tab of the Manage Team page select the 'Create Custom Role' button to initiate the workflow for creating a new role.
Each role is required to have a Role Name which will be used to reference the role throughout the application. Default Roles like Team Member [Default], Team Leader [Default], and Admin [Default] cannot be renamed or deleted but all other custom roles can be granted custom names which can be updated as needed over time.
Role descriptions are recommended to provide context on the role settings and should call out which type of users this role should typically be applied to.
For Example, you may have multiple Manager type roles to separate out your in house employees and vendor partners which can be granted different levels of access within the platform. Conveying the intention for the use of the role through the name and description will ensure that new users are added to the correct role as they are invited to the platform.
-
Select the role type for the new role which is being created. We'll provide a template for that role to start from which can then be edited to provide a custom name, description, data scope and permission settings. Select 'Next' to be brought to the configuration page.
-
Configure the role name, description, data scope, and applicable permissions. The name and description of the role template will appear as the Role Name and Role Description but you can provide any custom name and description. Role descriptions are recommended to provide context on the role settings and should call out which type of users this role should typically be applied to.
For Example, you may choose the QA Reviewer template but rename the role to create a Partner QA Manager role which is intended to be used for your partner vendors who manage QA for their teams which need access to their team's data and the ability to create and manage QA reviews. Next, choose the Data Scope and Permissions which should be applied to your custom role.
3. Once you have finalized the settings for your new role select Create Role to create the role for use within your organization. Once you've created the role you'll be brought to a page where you can begin to add users to this role individually or you can now choose to use this role to perform a Bulk Update from the Manage Team page or when creating new users.
Assign users to a role
Users have a role defined when their account is created but can then be assigned to a new role as custom roles are added or as they move into a new position within your organization. You have several different mechanisms available to assign roles depending on if you are simply looking to make a change to an individual profile or across multiple users at the same time.
Assigning Users Individually to a New Role
-
From the 'Manage Team' page you can find the individual user using the available filters and select their name or the triple dot icon and choosing 'Edit User' to access their User Profile. You can then edit their Role from the top of their profile by selecting a new role from the Role dropdown menu.
-
From the 'Roles' tab of the Manage Team page you can choose the 'Assign Users' link where you'll then have the ability to view a list of users already assigned to that role or choose the 'Add Users' button to add a new user to that role. You'll have the option to search by name or email and then select the matching profile which you'd like to add to that role. Once selected you'll see that user added to the list of members for that role.
Assigning New Roles Across Multiple Users
-
Bulk Update from Manage Team PageIf multiple updates are required across several users who need to be assigned new roles we recommend leveraging the Bulk Update feature from the Manage Team page. Through the Bulk Update feature you'll be able to specify a new role for users within a bulk upload template and after the file has been processed the users will be assigned their new role. You can find additional guidance in Editing profiles in bulk.
-
User Management API Our User Management API has been updated to be compatible with all new user profile settings including the selection of a user's assigned role. If you are leveraging our User Management API a new role for users can be provided using the Update Employee function which will be processed automatically to assign a user their new role. You can find additional information about our User Provisioning API in our API Documentation.
Data scope and product area permissions
Data scope
Data Scope can be set at the Default and Product Area levels.
Each role has been granted a Default Data Scope which is the highest level scope a role has access to. The Product Area Data Scope has also been defined for each role which limits the scope for particular product areas of the application. Each of the default roles have had their data scope set to the option which most closely aligns with the data visibility of the role prior to the activation of RBAC.
-
Users in the Team Member [Default] Role continue to only have access to data about themselves with the data scope set to 'Self'.
-
Users in the Team Leader [Default] and Admin Roles continue to have access to information across the company with the scope set to 'Company'.
If you wish to adjust the Data Scope settings for each role there are 5 data scope options for you to select from which can expand or limit the data users can see & interact with in the application. If you reduce the Default Data Scope it will override Product Area Scope selections so you should treat Default Data Scope as the Maximum Data Scope a user in each role can see and interact with, unless stated otherwise for specific scope selections that will allow an increase in data visibility where applicable.
-
Please note that we recommend leaving Default Data Scope set to Company for most roles, and simply updating Data Scope at the Product Area-level, which will enable the customization of varied Data Scopes at the Product Area-level. If Default Data Scope is reduced to "Own Team", for example, then selecting "Own Group" as the Data Scope for a specific Product Area it will be overridden by the Default Data Scope and users in the role you're creating will not be able to see the data you intended, as an example.
For more detailed information about data scope, see Data scope and permissions.
Product area permissions
Available permissions across the application are grouped into their specific Product Areas. There are 5 different Product Areas that each have their own set of available permissions to configure. A full glossary of our permissions can be found in Data scope and permissions, but below we have outlined important new permissions which we recommend to audit and adjust within each role as needed to serve your needs.
Feedback: The Feedback Product Area contains permissions focused on areas of the product related to surveys/customer feedback.
QA: The QA Product Area contains permissions focused on areas of the product related to QA, including but not limited to; the QA Dashboard, QA Reviews, Calibrations, QA Assignments, and Audits.
Coaching & Performance Management: The Coaching & Performance Management Product Area contains permissions focused on areas of the product related to Agent, Team, and Company Performance Management workflows.
Company Settings & Admin Tools: The Company Settings & Admin Tools Product Area contains permissions focused on configuring users, groups, roles, and various company settings found on the Settings page.
Social: The Social Product Area contains permissions focused on features that require sharing data in order to function properly, including Leaderboards and QA Messaging.
All updates to Role scope or permissions will be applied immediately after selecting 'Save Role' at the bottom of the page. To update a user's role you choose to edit their profile individually from the Manage Team page or use the Bulk Update to easily update large sets of users.
With your default roles in place you can now choose if you wish to create additional custom roles.
The permission settings for a role can be adjusted by selecting or deselecting a permission to be active for that role within each Product Area. You can choose to expand or minimize each Product Area when reviewing and editing the role permissions or use the +Expand All option to expand all the permissions across all areas. Please review our full glossary of available permissions here.
To apply the updates to Role scope or permissions select 'Save Role' at the bottom of the page which will automatically apply the role scope or permission changes to all users assigned to that Role.
To update a user's role you choose to edit their profile individually from the Manage Team page or use the Bulk Update to easily update large sets of users.