Roles and Permissions form the backbone of user security on our platform. They ensure that each user has access only to the resources and functionalities necessary for their role, minimizing the risk of unauthorized actions and data breaches. By defining clear roles and assigning appropriate permissions, administrators can manage user access efficiently and maintain a secure environment. This system not only enhances security but also streamlines workflows, as users can perform their tasks without encountering unnecessary barriers or restrictions. Properly configured Roles and Permissions are essential for protecting sensitive information and maintaining the integrity of our operations.

❗️

User and Role

Users log in to the platform with a specific role and inherit the permissions associated with that role. Therefore, it's essential to ensure that each user is assigned the correct role to maintain appropriate access and security levels.

Please avoid assigning users 'Full Admin' role. Only assign 'Full Admin' role if absolutely necessary.

Please navigate to Settings > Identity & Access Management > Roles and Permissions as follows

📘

How to create a User with specific Role

Steps to follow:

1. Ensure you create an appropriate role for the new user. Refer to the Roles and Permissions page to do this.
2. Navigate to the Users page and create the user. Assign the role you have defined for this user.

Managing Roles And Permissions

When follow the navigation Settings > Identity & Access Management > Roles and Permissions, you will have Roles and Permission main page as follows

1️⃣ Overview

• Name: The name of the role, which helps identify the role and its associated permissions.
• Description: Additional information or context about the role, such as the role's purpose or responsibilities.
• Type:Indicates the type or category of the role, which may influence the permissions and access levels associated with it. System Roles are predefined default roles, while User Defined Roles are created by platform users with the necessary rights.
• Created At: The date and time when the role was created. This can help track the age of the role and understand how long it has been part of the account.

How to create a new role and assign permissions

Creating a new role is crucial for platform security because it requires adhering to the minimum permission policy, ensuring that users are granted only the permissions necessary for their specific tasks.

When you click Add button at the top most right corner, the popup below will appear:

In Roles and Permissions section, you can assign new roles and permissions to users. This section allows you to customize user access and permissions to specific features and areas within the platform.

1️⃣ Name: Enter a name for the new role, such as “CampaignExecutor” or another descriptive name that suits the purpose of the role.
2️⃣ Description: Provide a brief description of the role for context and clarity.
3️⃣ Permissions: The Dengage platform allows you to establish a detailed permission structure. You can grant read, write, and manage permissions for each object on the platform.

👍

Permission Dependency

If a selected permission has dependencies, the related dependencies will automatically be enabled when you select the option.

In this example, the platform automatically assign 3 other permissions along with Publish permission as it is shown above.

There are several objects on the platform you can assign permissions to users.

1️⃣ Campaign: Campaign object is the journey on the platform. You can assign specific permissions in a role for Journey tool. Publish, Edit and View permissions are mainly used on these objects.

👍

Permission Levels

Publish: Admin permission. Users with this permission can view, modify, and deploy the object to the production environment.

Edit: Update permission. Users with this permission can view and modify the object.

View: Read-only permission. Users with this permission can only view the object.

2️⃣ Marketing and Transactional Content: Along with Publish, Edit and View permissions, Send Test permission can also be given to users in a role. With this permission, Users can send test messages on the specific channel.

3️⃣ Analytics: For Analytics module, the platform has Tracking and Insights permission as described on the image below.

4️⃣ General: These are other general permissions you can assign to roles.

Invite User: Permit inviting new users by email.

Manage User: Allow changing the role of existing users.

Manage Role: Permit defining new roles and managing role properties.

Change Account Setting: Allow changing account settings and KPIs.

Global Frequency Capping: Permit changing account-wide frequency capping.

5️⃣ Data Space: These are permissions on Data Space (Customer Data Platform) part of the platform.

View Segment/Table: Allow viewing data tables and segments.

View Data: Allow viewing data information.

Change the Contact Data: Permit changing contact data.

Manage Table: Allow creating new data tables.

Manage Table Relations: Allow creating or deleting data relations.

Import Data: Permit uploading data to tables and creating tables with data.

Export Data: Allow exporting and downloading data from data tables and segments.

Manage Segment: Allow creating and editing segments.

Personal Info: Allow viewing restricted contact/device columns.

🚧

Personal Identifiable Information (PII)

The Dengage platform allows you to select these columns under

Settings > Identity & Access Management > Data Masking

First, you need to define the restricted columns using this page. By default, these columns are hidden for a role. When you enable this flag in a role, users with that role can view the data in these columns, such as the email and GSM number of a contact.

Automated Flow > View: Allow viewing automated flows under Data Space module.

Automated Flow > Manage: Allow creating and updating automated flows under Data Space module.

👍

Permission Selection Required Before Saving

Before proceeding to save the roles and permissions section, you need to select at least one of the permissions. This ensures that each role has the necessary permissions assigned to it before saving the settings.

4️⃣ Save: Once you have specified the role name, description, and assigned the desired permissions, save the role.