Configure roles and permissions

Who can use this feature?

Global admins or users who can manage Permissions within User Management
Available on all plans and license types

Roles allow you to define what Totango functionality is available to your team members. You can set different roles for users when switching between teams.

Account assignment roles are special types of roles to indicate ownership of an account.

Understand default roles

Totango includes the following default roles. You cannot modify default roles.

Role	Description
Global admin*	Use all functionality of Totango and manage all access
Regular user	Use all functionality of Totango, excluding exceptions defined within User Management > Permissions
Team admin	Same as regular users, including the ability to access a "Team Settings" menu from the left nav, which allows for the following: Add or remove team members from the team admin's team(s) Create new Totango users—only by inviting to the team admin's team(s) Change a team member's role or license who belongs to the team admin's team(s) Change team overview properties (color, icon, goal) and advanced settings for the team admin's team(s) Team admins cannot modify team account set or edit user profiles.

*The global admin role is built-in. You can apply global admin access from within a user's profile (Global Admin check box).

Create a custom role

You can configure custom roles to define permissions per user, per team.

From Settings, expand User Management > Teams.
On the Roles tab, click +Add Role (or duplicate an existing role).
Add a display name and description, which helps identify what the role is used for.
Click Create Role.

Apply a role to a Totango user

For each team a user belongs to, apply the role that will apply to the user when switching between teams.

From Settings, expand User Management > Totango Users.
At the bottom of the profile, apply the preferred role under each team.
Click Save.

You can also apply team roles via file upload or by assigning a default team role when adding members to a team from within team settings.

Define permissions for a role

Once a role is created, you can decide which permissions apply to the role. Set permissions for the following categories:

Account
Application
Global settings
Subscription

From Settings, expand User Management > Permissions.
For each of the below permissions to configure, set the following options:
- Only specific roles (define which roles apply; includes custom roles or account assignment roles)
- Every member of the team
- Everyone in account assignment
- No one (only available to global admins)
Click Save.

Account permissions

Tasks: Decide who can create, update, delete tasks or run a SuccessPlay
Permissions	Create, update, delete tasks, and run a SuccessPlay
Account information: Decide who can update account attributes, forecast, account assignment, collections and about the company on account profiles
Permissions	Update account information Archive or delete account
Touchpoints: Decide who can add, update and delete touchpoints
Permissions	Create, update, and delete
Account configuration: Decide who can update the account layout, visibility and widget configurations of the account
Permissions	Update account configuration
Contacts: Decide who can add, update, and delete a contact
Permissions	Create, update, and delete
Share accounts with contacts: Decide who can share account details with contacts
Permissions	Share with contacts

Application permission

SuccessBLOC: Decide who can create SuccessBLOCs and access specific data in SB
Permissions	Create SuccessBLOC Access SuccessPlays Access campaigns Access canvas Access objective templates
Filter scorecard by individual team's members: Decide who can view other CSMs performance on the scorecard
Permissions	View other CSMs performance
Executive console: Decide who can access Executive Console from the left navigation
Permissions	Access
Global SuccessBLOC: Decide who can access Global SuccessBLOC from the left navigation.
Permissions	Access
Zoe: Decide who can create impact steps and share on Zoe
Permissions	Share via Zoe
Bulk edit: Decide who can edit attributes with bulk operation in segments
Permissions	Bulk editing attributes
Create new contact: Decide who can create new accounts in the system
Permissions	Create new account
Segments: Decide who can create, read, and edit segment related settings
Permissions	Create, read, and edit Totango users segments Export segment data (as CSV file or Google Sheets)
Run standardized reports: Decide who can run standardized reports
Permissions	Run standardized reports View standardized reports
Attribute visibility: Choose who can see attributes, custom metrics, and hierarchy rollups that have been marked as “hidden.”
Permissions	View hidden data

Global settings permissions

General settings: Decide who can update general settings
Permissions	Update general settings
Engagement: Decide who can access and update engagement related settings
Permissions	Update campaign settings Access and configure rapid insight forms
Data management: Decide who can access and manage data related settings
Permissions	Access and manage ALL data settings Access and configure Customer Data Hub Settings Design health profile and criteria Update revenue center settings
User management: Decide who can access and manage Totango user related settings
Permissions	Access and manage ALL Totango users settings Access and configure dynamic assignment settings only