Roles
View Roles
- to view this screen
Manage Roles
- to make changes in this screen
Roles is where you can create or view user roles in your application. For backoffice applications, there are several application-level user permissions. These allow users to access functionality to read data or even change data using write permissions. All of these settings are configured in the Settings menu. Permissions can be aggregated into user-defined Roles and then Users can be assigned these Roles.
Permissions
Below is a list of all application-level permissions:
- View Operations - Read-only access to the Operations tab
- Manage Operations - Write access to the Operations tab (adds View Operations automatically)
- View Contracts - Read-only access to the Devices tab
- Manage Contracts - Write access to the Devices tab (adds View Contracts automatically)
- View Transactions - Read access to the Transactions tab
- View Roles - Read-only access to the Roles tab in the settings
- Manage Roles - Write access to the Roles tab in the settings (adds View Roles automatically)
- View Rules - Read-only access to the Rule Templates tab
- Manage Rules - Write access to the Rule Templates tab (adds View Rules automatically)
- Application Administrator - Application Administrator allows access to the settings tab and assign backoffice users their roles
Roles built-in
There are a few roles already built-in with every application:
- Owner
The owner role has all permissions, including Application Administrator, and therefore can access all functionalities and configurations on the application. There must always be at least one Application Administrator at any time for an application.
- Branch Manager
This role was designed with front-office or contact center users in mind. They only have "manage contracts" permission which allows them to remove devices from users who get in touch with your support team. They cannot view the users' transaction history or any other information on the application.
- Branch Operator
This role can only check if a user has a device enrolled with the application, but cannot remove it. It has no other permissions.
- Operation Manager
This role was designed for a user that manages the operations and risk rules. This user has read/write access to the created operations in the application and risk rule templates. They can change risk rule values for live operations, create new operations or edit live ones.
Restricted Application Access Example
Users who have restricted permissions will not see all of the application menu tabs. For example, if a user has a custom role that only has the permissions Manage Contracts, View Contracts and View Transactions and they click the application card on the application selector menu, they will have the view as seen in the screenshot below with only two menu tabs shown.