Skip to main content
Skip table of contents

AgentDesk Permissions - Resource, Scope & Groups Mapping

All Resources are defined in Keycloak in spinal-case

All Scopes and Groups are defined in Keycloak in snake_case

Note that the following table and group segregation are for agents only and not for Supervisors. Supervisor permissions structure should remain intact as working in the previous versions.


Permission

Description 

Resource

Scopes

Groups

1

Customer PII

For security reasons, the PII customer data should be protected from unauthorized access. 

customer

view_pii: With this scope, agent can see all PII attributes of a customer (without masking).

masked_pii:  With this scope agent can only see customer attributes as masked.

senior_agents: view_pii scope is linked to it.

agents: masked_pii scope is linked to it.

2

Access Customer Profiles 

Agents are able to view customer profiles with this permission, without an active conservation view with a customer

customer

view: Agent with this scope can view the customer profile without any active session with a customer. 








All agents, senior agents, supervisors are able to access the customer list.

3

Edit Customer Profile

  1. Agent are able to edit customer profiles with this permission, without any active session with a customer

  2. Agent can able to edit customer profiles (including linking the conversation with a different profile)  with this permission, only when an active session with a customer.

customer

manage: Agent with this scope can edit the customer profile without any active session with a customer.

manage_in_conversation: Agent with this scope can edit the customer profile ( link profiles) only when the conversation view is visible.

agents:  All agents have the manage_in_conversation scope assigned.

senior_agents: have the manage scope assigned. 

4

Create New Customer

Admin/Supervisor can able to create new customer 

customer

manage: Agent with this scope can create new customer.

senior_agents: manage scope is linked to it.

5

Manage Customer Schema

Admin/Supervisor can manage (create/update/delete) customer schema 

customer-schema

manage: Users with this permission can Create/Edit/Delete Customer Schema.

supervisor: manage scope is linked to it.

(role based)

6

View Customer Schema

Only specialized agents can view customer schema

customer-schema

view:  Agents/Supervisors with this scope has permission to view customer schema list.

senior_agents: view scope is linked to it.

7

Assign Labels

Agent can assign labels with this permission.

customer-labels

assign_label: Agent with this scope can Create/View and Assign labels to customer.

agents: assign_label scope is linked to it.

8

Manage Labels

Supervisor can manage labels with this permission.

customer-labels

manage: Supervisors with this permission can Edit/Delete labels.

supervisor: manage scope is linked to it.

(role based)

9

View Customer History

With this permission, an agent can view activities of older conversations with this customer. 

An additional requirement: 

Different access levels to view customer history for an agent:

  1. Access to active conversations only and not to past conversations 

  2. Complete access to Conversation History while agent have an active conversation with a customer 

  3. Complete access to Conversation History regardless of any active conversation with a customer 

  4. Complete history should be visible from agent-interacted customers only (Reserved for future - Need to be looked on API level whether its possible or not).

  5. View last week conversation history only. (Keycloak Limitation)

agent-conversation-control

view_history_active_customer : Agent with this scope have complete access to Conversation History only if agent interacted with customer in conversation view.

view_history : Agent with this scope have complete access to Conversation History regardless of any active conversation with a customer in conversation view.



view_history_interacted_customer :

(Reserved for future)

senior_agents: view_history scope is linked to this group. Only Senior Agents can view history of any customer with or without any Active Conversation.


agents:  view_history_active_customer is linked to this group. Agents with this scope can only see the past conversations of customer once an active conversation with the same customer is going on.




10

Do Direct Transfer

Agent can transfer a chat to other agents/supervisors using this permission so that only the users having these permission should be able to transfer a conversation to supervisors or other agents.

agent-conversation-control

view_direct_transfer: Agent with this scope has permission to transfer chat directly (without consult) to other agents/suprevisors to save customer time. (covers both use-cases for queue-transfer and agent-transfer)

agents: view_direct_transfer scope is linked to this group.

11

Do Conference

Agent can add other agents/supervisors as a primary participant to active conversation. (Currently an agent can add only single agent/supervisor as a primary participant).

agent-conversation-control

view_conference: Agent with this scope has permission to add other agent/supervisor as primary participant in active conversation with customer.

agents: view_conference scope is linked to this group.

12

Start a new session / agent initiated messaging


All agents, senior agents, supervisors should be able to start a new channel session or a new conversation with a customer.

agent-conversation-control

view_initiate_chat:  Agent with this scope has the permission to start a new conversation or a new channel session within a conversation, on available media channels.

All agents, senior agents, supervisors should be able to start a new channel session or a new conversation with a customer.

13

Add Wrap-up/ Notes

Agent can able to add wrap-up notes with this permission.

agent-conversation-control

view_wrap_up:  Agent with this scope has permission to add wrap-up notes.


agents: view_wrap_up scope is linked to this group.


14

Leave Chat

Agent/Supervisor will be able to leave chat

agent-conversation-control

view_leave_chat: Agent with this scope has permission to leave chat.

agents: view_leave_chat scope is linked to this group.


15

State Change


User will be able to change and view agent and MRD states

state-change

manage_state_change

agents: manage_state_change scope is linked to this group.

16

Subscribed List

Agent/Supervisor will be able to mange subscribed list

subscribed-list

view: Agent with this scope has permission see and join available chat.

manage: Supervisor with this scope has permission see, join, end chat.


agents: view scope is linked to this group.

supervisor: manage scope is linked to this role.

(Role based)

17

Supervisor Dashboard

Supervisor can view all dashboards (for now)

supervisor

view_all:



18

Recording Link

  1. Agents/Supervisors can only see their own recording link in a Conversation.

  2. Agents/Supervisors can see all the recording links in a Conversation.

recording-link

view: Agent/Supervisor with this scope has permission to only see his own recording links in a conversation.

view_all: Agent/Supervisor with this scope has permission to see all the recording links in a conversation.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.