Users, Roles, and Permissions
- Parker Hutcheson (Deactivated)
- Andrew Wright
This page details how to start inviting and managing users inside the Behavioral Engagement Platform™️.
Table of Contents
- 1 What are Users, Roles, and Permissions in the Symend Application?
- 2 For Your First Login
- 3 First-time Login
- 4 Resetting your multi-factor verification method
- 5 Switching between your organizations
- 6 Understanding Authorization
- 7 Roles that will help your users to get started
- 8 Creating the first user and granting roles
- 9 Single-Sign-On (SSO)
What are Users, Roles, and Permissions in the Symend Application?
At Symend, securing your data is the top priority, especially with respect to different users (defined by email addresses) and their associated roles (assigned by system administrators), which each have permissions associated with them. In the application, the users and permissions section under settings helps you with administrator and/or security administrator personas.
As a security administrator, you can perform user management activities such as:
Adding new users
Updating users
Assigning and revoking roles
Resetting passwords
Resetting multi-factor authentication
This document will help you to understand the minimal tasks as a user and as an admin that you must perform to get started with Symend.
For more information on this topic, you can refer to the Getting Started with Identity and Access Management article.
For Your First Login
You will receive a welcome email from Symend once your tenant is set up by Symend Administrator. To login to your Symend instance, you need the following:
Username, which is your email address in your organization
Password
Phone Number (for multi-factor authentication or MFA)
First-time Login
Click on the URL in the Symend welcome email
The link takes you to the Symend Application login page
Set a password and click “Next”
Follow the on-screen prompts to complete the multi-factor authentication (MFA) setup
Once complete, you will see the Symend home page
From the next login, you can choose any of the above verification methods to login to the Symend Application
Resetting your multi-factor verification method
You can reset your multi-factor verification method either from the user profile page by leveraging the backup code generated during the first-time setup or by contacting your Symend administrator.
Switching between your organizations
An organization is a Symend instance. If you contribute to multiple organizations, you can switch between organizations by following these steps:
Within the Symend app, click on your user "Profile"
Select the "Switch Organizations" to see the name(s) and a list of your organizations in the Platform
Selecting the desired organization from the list will switch you to the respective organization
Understanding Authorization
At Symend, we enforce roles in the application, based access control to minimize threats related to unauthorized access. As an administrator of your organization, you should have any or all the following roles assigned to you as part of the provisioning of your Symend instance.
Role | Description | Permission |
|---|---|---|
Org Security Admin | Manage security at the organization level | View users Assign roles View roles Revoke roles View permissions |
Org System Admin | Manage configuration at the organization level | Update configuration View configuration Delete configuration Assign users to organizations Create alerts Update alerts View alerts Delete alerts |
Roles that will help your users to get started
At a minimum, your users need any or all of the following roles to get started in the Symend App:
Role | Description |
|---|---|
Data exchange editor | To import data into Symend |
Data Designer | To define Data Attributes and mappings |
Segment Designer | To define Segments |
Segment Publisher | To publish Segments |
Playbook Designer | To define Playbooks |
Playbook Publisher | To publish Playbooks |
Content Designer | To design Content |
Content publisher | To publish the defined Content |
Channel admin | To configure Channels such as email |
Insights viewer | To view, download and send insights data on your customer activities |
Insights explorer | To view, edit, explore, download and send insights data on your customer activities |
Creating the first user and granting roles
You must have the Client security admin role to create users and the Org security admin role to assign roles to users.
Follow these steps to create a user and grant them permission-based roles:
From the home screen Navigate to Settings → Users and Permissions page
Click on the “Add User” button
Specify the user profile details and click “Next”
Select the organizations the user needs to access
Select the roles the user should
Roles are bound to the context of an organization
For each organization, you can grant different roles
Refer to the user management document for more information on managing users and roles.
Single-Sign-On (SSO)
You must create a support request as a custom configuration with Symend, to configure Single-sign-on (SSO) with the identity provider of your organization.