CommunitySupport PortalYouTubeFree trialSign Up!

Users and Groups

Manage access rights for users and groups.

The Users and Groups module allows you to manage the data of all the users and groups that belong to your tenant. To authorize the users in the system, add them to the tenant and create relevant user groups with sets of access rights. Then, link the users with the user groups to make the access rights work.

The Management Dashboard views are dependent on the user's permissions. If you don't see a particular node, or section described in the Emporix documentation, or are not able to modify an entity, it might mean you don't have sufficient permissions set. Contact the administrator if you need additional access.

Definitions

User - an employee using the Emporix Management Dashboard.

User Group - a group of users that share some common characteristics, like performing similar job. User group defines access controls for the users.

Role - a combination of predefined permissions that allow users to perform some actions on resources within the system. You can apply a role to a user group.

Permission - a mechanism for limiting what actions a user belonging to a role can perform on specific resources.

Access controls - a combination of roles and resources. For example, a user with a manage access control on product resources can view, create, delete, and edit product entities.

Resource or Entity - the object type within the Emporix Management Dashboard.

Action - the ability to perform an action on entities of specific type.

Users

You can filter or sort the users list by first name, last name, email address, department or status.

The are two status types:

  • The Green dot shows the user is active

  • The Grey dot shows that the user was added and provisioned, but has not registered their account yet

Create a user

1

Go to the users view

In the Administration module, go to Users and Groups.

2

Choose to create a user

In the Users tab and choose the Create New User.

3

Provide the user details

Provide all the requested information. All fields are mandatory.

4

Save you configuration

Saving your changes adds the new user to the users list straight away.

The user receives an email invitation to join the tenant. Note the email has to be a company email address.

If at any point you decide to stop adding the new user, you can use the Discard option. It clears all the fields and removes the data you’ve entered for the user.

Groups

You can filter and sort groups by the group name.

Set the relevant users permissions at the group level. Users can belong to several groups with different access rights. By assigning users to relevant groups, you control what they are able to see and/or edit in the Management Dashboard. Bear in mind that if you assign a user to two groups that have different permissions set for a specific resource, the manage overwrites read permission and the user is able to manage the resource, not only view it.

Create a user group

1

Go to Users and Groups

In the Administration module, go to Users and Groups dashboard.

2

Choose to create a new group

Go to the Groups tab and click the Create New Group.

3

Provide the groups details

In General section, provide the group's ID, name and description.

Only the Group Name is mandatory for a user group creation. You can decide to edit other details later. You can also set up a custom user group ID in the Id field. Otherwise, a unique ID is automatically generated when the group is created.

4

Choose the group role

It's and optional step. Choose the Role for the group, you can select between:

  • Standard role for Management Dashboard users: Viewer, Manager, or Admin.

  • One of the Templates for Manager roles with specific access rights.

  • Vendors role for a created vendor with orders or products read/manage access rights.

In the case when you have both Commerce Engine and Orchestration Engine setup in your tenant, firstly choose which product you want to define the group for. The available options for roles and permissions depend on this choice.

For more information, see Predefined roles.

Based on your choice of Role, you can see that the access controls in Management Dashboard Settings section get selected automatically.

5

Set up the group access rights in the Management Dashboard Settings section:

  • read access selected - a user is able to see entities of a specific type

  • manage access selected - a user is able to see, edit, create, and delete entities of a specific type

  • none selected - a user is not able to see entities of a specific type

Use the checkboxes to define the access rights only for the particular types the group is supposed to have access to. If a group is not supposed to manage or even see a particular entity in the Management Dashboard, don't select any permission.

Selecting manage automatically deselects view access and the other way round. To disable existing access rights for an entity, uncheck the checkbox.

6

Confirm with Save

Setting permissions

There are some resource types within CE that you access through other resources only and that don't have a separate view in the Management Dashboard, for example media, or payment gateway. Access to such resources depends on the permissions defined for the parent entity. For example, if you have read access to products, you get read access to media.

There are also resources that do have a separate view in the Management Dashboard but you also access them through other entities, for example categories in products. Access to such resources depends on the permissions you define at a group level for the particular resource. For example, if a group has manage access for products and read access for categories, the users are able to edit products, but not the categories within products. Or, if a group has manage access to products but no access to categories, the users don't have permission to see categories assigned to products. In that case, the users see No permissions message on a particular field.

For more information, see Permissions.

Assign users to a group

To allow a user to work within the tenant, assign the user to a user group with a set of specific access rights. You can do it in two ways: from the user perspective and from the user group perspective.

From the user perspective

1

Go to users view

In the Administration module, go to Users and Groups -> Users.

2

Choose the user

To open the edit mode, select the relevant user row.

3

Assign the user group

4

Go to the Access tab and select the relevant user group.

5

Save your changes

From the user group perspective

1

Go to the groups view

In the Administration module, go to Users and Groups -> Groups.

2

Go to the members management

Open the group you want to add members to and go to Members tab. Choose Add members.

3

Add the members

Select the users to add, you can search by first name, last name, email or department. Confirm with Add members.

From the user group edit mode

1

Go to the groups view

In the Administration module, go to Users and Groups -> Groups.

2

Choose the group

To open the edit mode, select the relevant group.

3

Assign the members

Go to the Members tab and choose Add Members. Select the users that you want to add to the group, you can search by first name, last name, email or department.

4

Save your changes

Predefined roles

You can choose from the predefined roles for a user group or define manually the relevant access controls. Note that manage access control contains read, create, edit, and delete actions.

Viewer

Viewer Access Matrix
Service
Resource
Read
Manage

Customer Management

Companies

Customer

Coupons

Quotes

Quotes

Status Quotes

Orders

Orders

SEPA

Returns

Catalogs

Catalogs

Categories

Products

Products

Product Templates

Labels

Suppliers

Brands

Pricing

Price Models

Price Lists

Settings

Sites

Delivery Methods

Delivery Times

Units

Tax

Countries

Currencies

Languages

System Preferences

Mixin Schemas

Extensions

e.g. site settings

Administration

Users and Groups

Webhooks

Extensions

Manager

Manager Access Matrix
Service
Resource
Read
Manage

Customer Management

Companies

Customer

Coupons

Quotes

Quotes

Status Quotes

Orders

Orders

SEPA

Returns

Catalogs

Catalogs

Categories

Products

Products

Product Templates

Labels

Suppliers

Brands

Pricing

Price Models

Price Lists

Settings

Sites

Delivery Methods

Delivery Times

Units

Tax

Countries

Currencies

Languages

System Preferences

Mixin Schemas

Extensions

e.g. site settings

Administration

Users and Groups

Webhooks

Extensions

Administrator

Administrator Access Matrix
Service
Resource
Read
Manage

Customer Management

Companies

Customer

Coupons

Quotes

Quotes

Status Quotes

Orders

Orders

SEPA

Returns

Catalogs

Catalogs

Categories

Products

Products

Product Templates

Labels

Suppliers

Brands

Pricing

Price Models

Price Lists

Settings

Sites

Delivery Methods

Delivery Times

Units

Tax

Countries

Currencies

Languages

System Preferences

Mixin Schemas

Extensions

e.g. site settings

Administration

Users and Groups

Webhooks

Extensions

Catalog Manager

Catalog Manager Access Matrix
Service
Resource
Read
Manage

Catalogs

Catalogs

Categories

Products

Products

Product Templates

Labels

Suppliers

Brands

Administration

Webhooks

Pricing Manager

Pricing Manager Access Matrix
Service
Resource
Read
Manage

Pricing

Price Models

Price Lists

Settings

Tax

Units

Countries

Currencies

Products

Products

Product templates

Catalogs

Catalogs

Categories

Administration

Users and Groups

Order Fulfillment Manager

Order Fulfillment Manager Access Matrix
Service
Resource
Read
Manage

Customer Management

Customer

Orders

Orders

SEPA

Returns

Settings

Sites

Compare role templates

Service
Resource
Viewer
Manager
Administrator
Catalog Manager
Pricing Manager
Order Fulfillment Manager

Customer Management

Companies

Read

Manage

Manage

Customer

Read

Manage

Manage

Read

Coupons

Read

Manage

Manage

Quotes

Quotes

Read

Manage

Manage

Status Quotes

Read

Manage

Manage

Orders

Orders

Read

Manage

Manage

Manage

SEPA

Read

Manage

Manage

Manage

Returns

Read

Manage

Manage

Manage

Catalogs

Catalogs

Read

Manage

Manage

Manage

Read

Categories

Read

Manage

Manage

Manage

Read

Products

Products

Read

Manage

Manage

Manage

Manage

Product Templates

Read

Manage

Manage

Manage

Read

Labels

Read

Manage

Manage

Manage

Suppliers

Read

Manage

Manage

Manage

Brands

Read

Manage

Manage

Manage

Pricing

Price Models

Read

Manage

Manage

Manage

Price Lists

Read

Manage

Manage

Manage

Settings

Sites

Read

Manage

Manage

Read

Delivery Methods

Read

Manage

Manage

Delivery Times

Read

Manage

Manage

Units

Read

Manage

Manage

Manage

Tax

Read

Manage

Manage

Manage

Countries

Read

Manage

Manage

Manage

Currencies

Read

Manage

Manage

Manage

Languages

Read

Manage

Manage

System Preferences

Read

Manage

Manage

Mixin Schemas

Read

Manage

Manage

Extensions

e.g. site settings

Read

Manage

Manage

Administration

Users and Groups

Read

Read

Manage

Read

Webhooks

Read

Manage

Manage

Manage

Extensions

Read

Read

Manage

Permissions

As particular resources have references to other resources, you need to take that into account when setting the relevant access controls for the groups you create. We've prepared a matrix of possible functions in a company and expected permissions in Management Dashboard. You might use it as a baseline for managing permissions for particular groups.

Example

You want to create a user group responsible for managing quotes in the system. Therefore, you select manage access control for quotes resources, however that might not be enough. Most probably, you also have to select at least read access control for companies resources, and you'd also need manage access for products so that the group members are able to manage price resources (which they access through products). Without these additional read and manage access, the users are not able to view the relevant resources that are related in one way or another to quotes, and are not able to process quotes accordingly.

The manage permission for a particular entity also gives a possibility for a user to configure the table columns for the list view by using the orchestration icon. They can adjust which columns are visible and which are hidden for the particular resource view in Management Dashboard that they have manage right to.

Take a look at the matrix to see what to take into account.

Role/Permission Matrix
Function/role
Read
Manage

Manage customer management

customers (user and groups)

customers companies coupons

Manage companies

customers (assigning customers to a company only)

companies customers (including creating contacts, customers functionality)

Manage coupon

categories

coupons

Manage quotes

companies

quotes products

Manage orders

orders

Manage SEPA

SEPA

Manage returns

customers orders products

returns

Manage catalogs

categories

catalogs

Manage categories

media

categories

Manage products

product templates suppliers categories price models price lists taxes

products

Manage product templates

product templates

Manage labels

labels

Manage suppliers

suppliers

Manage brands

brands

Manage price models

price models products

Manage price lists

catalogs categories customers (user and groups)

price lists price models products tax unites countries currencies

Manage sites

currencies payment methods countries languages

sites

Manage delivery methods

sites

delivery methods

Manage delivery times

sites

delivery time

Manage units

units

Manage tax

tax

Manage countries

countries

Manage currencies

currencies

Manage system preferences

system preferences

Manage mixin schemas

categories companies coupons customers customer.addresses orders products quotes returns

mixin schemas

For more information about the access controls, see the Identity and Access Management tutorial related to the Emporix API IAM Service.

Vendor groups

Vendor groups are specifically related to Vendor Management. When a vendor is created, it automatically creates four new user groups for your tenant - vendor.order.manager, vendor.order.viewer. vendor.product.manager, vendor.product.viewer.

In the example based on ABC Company the groups are as below and they can be already visible in the user and groups view.

  • ABC Company Vendor Product Manager

  • ABC Company Vendor Product Viewer

  • ABC Company Vendor Order Manager

  • ABC Company Vendor Order Viewer

Each group has the role and access rights already configured during creation, the role is Vendor and the access rights depend on the type of group. For example, for ABC Company Vendor Order Manager the access rights are Orders - Manage.

The specific vendor group access rights are:

Group
Order Access
Product Access
Notes

Vendor order manager

Manage orders

Vendor order viewer

Read orders

Vendor product manager

Manage products, including prices, availability, and media

Can also be granted permissions to publish/unpublish products.

Vendor product viewer

Read products, including prices, availability, and media

Cannot be granted publishing rights.

As in the standard user group management, in the group's Members tab you can view and manage the group members.

For more details about vendors, see the following guides:

PreviousAdministrationNextExtensions

Last updated

Was this helpful?