Admin Permissions - Resource, Scope, Role Mapping
Introduction:
Developer Guide to Admin Permissions. This document provides a comprehensive explanation of the permissions assigned to agents within Unified Admin. It covers the intricacies of resource and scope mapping, along with detailed descriptions of connected permission groups and roles with each scope. If you need to make changes to Admin permissions, this guide will help you understand the existing permission structure, enabling you to add new scopes to the underlying permissions and integrate them with existing or new permission groups and roles. This document is an essential resource for developers looking to effectively manage and extend the permission framework within Unified Admin.
All Resources are defined in Keycloak in spinal-case
All Scopes and Groups are defined in Keycloak in snake_case
Supervisor must be assigned both agents_permission and senior_agents_permission groups.
Permission | Description | Resource | Scopes | Role | |
|---|---|---|---|---|---|
| 1 | Routing Engine → Queues | All permissions related to the management of queues of RE |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete
| Admin: should have the complete access Routing Manager: Should have the complete access Supervisor: should be able to edit only the queues which are a part of his team(s) The queues that are not assigned to the supervisor should not be visible on the frontend |
| 2 | Routing Engine > Agent Attributes | All permissions related to editing attribute assignment to agents |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the complete access Supervisor: should be able to edit only the agents that are a part of his team(s) The agents that are not assigned to the supervisor should not be visible on the frontend |
| 3 | Routing Engine > Agent MRDs | All permissions related to managing changes related to MRD tasks assignments to agents |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the complete access Supervisor: should be able to edit only the agents that are a part of his team(s) The agents that are not assigned to the supervisor should not be visible on the frontend |
| 4 | Routing Engine → MRDs | All permissions related to the management of MRDs |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the complete access Supervisor: should be able to view all created MRDs |
| 5 | Routing Engine → Routing Attribute | All permissions related to the management of Routing Attributes |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the complete access Supervisor: should be able to view all routing attributes defined in the system |
| 6 | Channel Manager → All settings | All permissions related to Channel Management related configurations |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the view-only access Supervisor: Should have the view-only access |
| 7 | Bot Connectors → All | All permissions related to bot connector configurations |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the view-only access Supervisor: Should have the view-only access |
| 8 | Agent Desk | All permissions related to managing different settings of AgentDesk |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the view-only access Supervisor: Should have the view-only access |
| 9 | Forms | All permissions related to management of forms |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the view-only access Supervisor: Should have the view-only access |
| 10 | General → All settings | All permissions related to managing settings that come under “General” |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the view-only access Supervisor: Should have the view-only access |
| 11 | Pull Mode List → All | All permissions related to management of pull mode lists |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the view-only access Supervisor: Should have the view-only access |
| 12 | Reasons → All | All permissions related to management of reason-codes |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the view-only access Supervisor: Should have the view-only access |
| 13 | Web Widget → All | All permissions related to management of Web Widget |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the view-only access Supervisor: Should have the view-only access |
| 14 | teams→ All | All permissions related to management of teams |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: Routing Manager: Supervisor: Should only be able to view and edit its own team. |