Note : This feature is partially implemented and not fully complete. Hence all the permissions described below are not fully supported yet.
Role based access control allows customers to control access to various functions in the application based on users roles on the account team and SuccessTeam. Customers can define permissions for account roles and also create custom SuccessTeam roles for users and define account and application level permissions.
Common Use Cases
- As a Global Admin I want to grant SuccessManagers on an account to update account information, update tasks and touchpoints but want to prevent them from accessing the Executive console
- As a Global Admin I want to grant a first line manager for CSM's the ability to perform all the actions on an Account but not have access to Tools and Global Settings
- As a Global Admin I want to create a System Admin role for my sysadmins and only grant them access to the Integration Hub in Global Settings
Note : Global Admin has all the privileges by default and this cannot be changed. Pls be cautious in creating users as Global Admins.
Account Level Permissions
The following account level permissions are available to grant to account roles as well as team member roles on an account
|Account Information||Update Account Information||
|Account Configuration||Update Account Configuration||
|Tasks||Create, Edit, Delete and Complete Tasks||
|Touchpoint||Add Update and Delete Touchpoint||
|Contacts||Add and Update Delete Contacts||
App level access permissions
The app level access permissions allows admins to restrict access to various parts of the Totango application
|Executive Console||Permission to access the Executive Console||Executive Console menu|
|SuccessBLOC||Ability to create a SuccessBLOC||
|Tools||Access Tools||Access Tools menu|
|Global Settings||Access to Global Settings||Global Settings > Integration Hub|
|Zoe||Access to the "Share via Zoe" option||
Granting Account Permissions to Roles
A Global Admin can define the permissions to one or more roles in the Global Settings > Permissions
Each permission can be assigned in the following ways
- Everyone in the SuccessTeam - Grant this permission to every role in a SuccessTeam
- Everyone in the Account team - Grant this permission to every role in the Account team. New roles created in the future will also get this permission automatically
- Only Specific roles - Grant this permission to specific roles that have been specified
- No one - No roles will be granted this permission. Global Admins are an exception and have all permissions by default.
Granting App Access Permissions
Defining custom SuccessTeam roles
A Global admin can define custom roles in the system. The following roles are available out of the box
- Regular User
- Team Admin
Note : Global Admin is default super user role in the system with full privileges and comes out of the box but is not listed with other roles mentioned above.
Clicking on the green + button launches the New Role window allowing the user to define a new role with a Role Name and Description.