User management
Learn how to manage user accounts in your organization, including adding, editing, and deleting users, understanding user roles and permissions, and ensuring authentication security.
On the User Management page, you can add, edit, or delete user accounts for your Organization. By default, Mindful users log in with a combination of email address and password.
Adding New User Accounts
Quick access: Organization > User Management
- On the User Management page, click Invite Users.
-
In the Invite Users modal window, provide values for the two required fields:
-
Email: You can invite one or more users in this field. Follow the on-screen instructions for separating email addresses.
-
Roles: Click the dropdown menu to select a single or multiple Roles. All addresses invited in a group will receive the same Role permissions selected here.
-
-
Click Invite to send a registration email with a temporary password to the listed users.
Editing User Accounts
On the User Management screen, click the Edit icon in the row of the user account you want to edit. This opens the Edit User modal.
- Email - The user's email may be updated, but they will have to log in again with the new email address once this change is saved.
- Name - The user's name may be updated.
- Roles - The user's Role may be changed.
Click Save when finished.
Deleting user accounts
This action can only be performed by users with Administrator access.
- On the User Management page, click Delete in the row of the user account that you want to permanently remove. When prompted, confirm the deletion.
User roles and permissions
There are three user roles that can be assigned to users in your Mindful Callback Organization. Each role is assigned different permissions and can access different parts of the system to view information or change configuration.
- Administrator: The Administrator role can view all screens and update the majority of configurable settings on the platform. Administrators do not have access to a few optional features on the Global Settings and Call Targets screens. This role should be assigned to those responsible for maintaining and configuring your Callback system.
- Manager: The Manager role has nearly the same level of access as the Administrator, but Managers have access to fewer features on the Global Settings screen. This role should be assigned to those responsible for managing teams.
- Viewer: The Viewer role can view all call data and reporting features, with the exception of audit reports. Viewers can view Call Target Phone Numbers. However, Viewers cannot make changes on any screens. This role should be assigned to those who need access to callback information and reporting data, but who are not responsible for configuring the system or managing users.
Roles and permissions table
| Administrator | Manager | Viewer | |
|---|---|---|---|
| Callback Status | All | All | All |
| Call Detail | All | All | All |
| Insights | All | All | All |
| Reports | All | All | All except for Audit reports |
| Handoff | All | All | View only |
| Global Settings | Most settings (some are reserved for Mindful staff) | Some settings (no messaging) | None |
| Call Targets | Most settings (some are reserved for Mindful staff) | Most settings (some are reserved for Mindful staff) | None |
| Smart Rules | All | All | None |
| Business Units | All | None | None |
| Media Sets | All | All | None |
| Phone Numbers | All | All | View only |
| Scheduler | All | All | None |
| Datastore | All | Agent role - Can lookup Data Sets by contact number only | |
| Organization | All | Can read and edit users and roles, but cannot add or delete | View Only |
| Alerts | All | All | View Only - cannot acknowledge/clear alerts |
| User profile | All | All | All |
Authentication Security
Several security measures are in place to restrict abnormal attempts to access the platform:
- Passwords are masked in the UI on the login page and user account page.
- Users are automatically logged out after 15 minutes of inactivity.
The following actions will cause a user account to be locked out for 30 minutes:
- Three failed login attempts are made within 15 minutes.
- A new attempted login occurs within three seconds of the last failed attempt.
Note that the count of login attempts does not reset based on a timer. Rather, it only resets upon a successful login, regardless of how much time has passed. Also, there is no way to lift the 30-minute lock-out period. After being locked out, a user must wait 30 minutes before attempting to log in again.
