A role defines what a user can and cannot see and do in the admin UI. Not all users need to have access to your platform configuration, for example, and the same probably goes for the finance section. Roles therefore define the accessibility of platform modules a user has.
In contrast to roles you further have the option to define rights for users. In the rights settings you can e.g. define what advertisers a user can manage.
Of course, you are welcome to configure your own roles, but you can also choose to use the predefined roles available in your platform. The following options are available:
The platform admin role gives a user access to all sections of the admin UI, including the platform configuration. This role should be given to users with advanced IT expertise only.
The key account managerrole allows a user to work with all sections of the admin UI, apart from the platform configuration. This role should be assigned to users who administer the platform, i.e. is setting up advertiser programs, manages partners, etc.
The finance admin role has access to the reporting and the finance sections. This role should be assigned to users responsible for the validation of conversions, the invoicing of advertisers, the payout of the partners.
The advertiser client role has access only to one or more specific advertiser programs and the reporting section. This role should be assigned to users managing particular advertiser programs within the platform or a client users.
Of course, you can also decide to create a new role based on the settings of these predefined roles.
If you haven’t already done so, login to your admin UI. Go to the administration section in the main navigation, click on ‘User’and proceed to click on ‘Manage roles’. If you do so, the page on which you can configure and edit roles will be loaded.
Basic role settings
To start creating a role, click on the button ‘Create new role’. A new screen will be loaded on which you can enter all the basic settings of the new role. Please make sure you go through the following steps:
Give your new role a name, for example ‘Account manager Spain’.
If you want, you can briefly describe the role under description.
In the general settings, you can choose to create your role based on the predefined system roles or based on earlier roles you have already created. All you need to do is select the role in drop down menu next to ‘copy settings from’. If you don’t want to use a default role, just select ‘none’.
Access to platform sections
Once you’ve finished setting the general rights, scroll further down the page to define what sections of the admin UI the user with the role you are creating will be allowed to see. If you chose to create a new role based on an existing role, you will see that some of the boxes have been ticked and others haven’t. If you didn’t choose to create a new role based on the existing role, all the boxes will be ticked.
As you probably notice, the headers of this section corresponds with the items in the main navigation menu of the admin UI. By ticking the boxes next to these headers, you define the new role in general. Access to the partner, advertiser and reporting sections is particularly relevant for account managers – note that by defining to what advertisers your new role is attributed, you have already defined for what particular advertisers the role will be responsible for. Access to the controllingmodule is important to a finance related role; access to the newsletter module is relevant for a role aimed at communication with the platform’s partner. The configuration module contains the basic settings of your platform, access to it should only be granted to a limited amount of users. The dashboard module should be available to all users, but you might want to exclude some of the widgets.
Below the headers, you can further customize your role. Doing so can be relevant for a number of reasons. It makes sense to grant an account manager responsible for an advertiser access to the controlling module, but you might want to deny the right to manage invoices (e.i. deny him the right to define whether he has been paying his own invoices or not). Please note that in some cases, such as the billing details, you can differentiate between a ‘read-only’ role and a role which allows editing as well.
When you are ready defining to what sections the user with the role you are creating should have, don’t forget to hit ‘save’ at the bottom of the page.
What is a right?
As already stated, rights do not define which parts of the platform a user can see. They rather focus on which advertisers and partners a user is allowed to see within the platform sections. This enables to e.g. separate user rights by country.
Defining rights for a user
After you have created all roles which are required to cover your organizational needs you can assign roles to the different users as well as define further access rights. For doing this, please go to the administration section in the main navigation, click on ‘User’and proceed to click on ‘Manage users’. If you do so, the page on which you can configure and edit users will be loaded.
You can either click on ‘Create new user’ to create a new user or click on to configure the rights of an existing user.
After setting the role, you have the following possibilities to define the rights of this user:
Define to what entity the user is assigned to. You can either select all or select specific ones in the drop down.
If you select ‘access to all advertisers’, the user will be entitled to work with all current and future advertisers in the platform. To limit the right to specific advertisers, leave this tick box unselected and specify the advertisers in the drop box next to ‘advertiser’.
If you select the option ‘show all partners’, the user with the role you are creating will be entitled to see all partners in the platform, including those waiting for admittance, deactivated partners, etc. If you do not select this option, the user with this role will only see partners that have been admitted to the advertisers you have selected in the menu above.
By separating roles from rights of single users, it is possible to have recurring roles (e.g. for key account management or finance) which can then be further tailored to aspects like regional responsibility.