Admin Permissions - Resource, Scope, Role Mapping
This document is a developer guide to Admin Permissions and explains the permissions assigned to agents from within Unified Admin. It covers resource and scope mapping complexities and detailed descriptions of connected permission groups and roles with each scope.
This guide helps you to understand the existing permission structure and enables you to add new scopes to the underlying permissions and integrate them with existing or new permission groups and roles. This document is an essential resource for developers looking to effectively manage and extend the permission framework within Unified Admin.
All Resources are defined in Keycloak in
spinal-caseAll Scopes and Groups are defined in Keycloak in
snake_case
Supervisor must be assigned both agents_permission and senior_agents_permission groups.
Permission | Description | Resource | Scop/noes | Role | |
|---|---|---|---|---|---|
| 1 | Routing Engine → Queues | All permissions related to the management of queues of RE |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete
| Admin: should have the complete access Routing Manager: Should have the complete access Supervisor: should be able to edit only the queues which are a part of his team(s) The queues that are not assigned to the supervisor should not be visible on the frontend |
| 2 | Routing Engine > Agent Attributes | All permissions related to editing attribute assignments to agents |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: should have the complete access Supervisor: should be able to edit only the agents that are a part of his team(s) The agents that are not assigned to the supervisor should not be visible on the frontend |
| 3 | Routing Engine > Agent MRDs | All permissions related to managing changes related to MRD tasks assignments to agents |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: should have the complete access Supervisor: should be able to edit only the agents that are a part of his team(s) The agents that are not assigned to the supervisor should not be visible on the frontend |
| 4 | Routing Engine → MRDs | All permissions related to the management of MRDs |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: should have the complete access Supervisor: should be able to view all created MRDs |
| 5 | Routing Engine → Routing Attribute | All permissions related to the management of Routing Attributes |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: should have the complete access Supervisor: should be able to view all routing attributes defined in the system |
| 6 | Channel Manager → All settings | All permissions related to Channel Management related configurations |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the view-only access Supervisor: Should have the view-only access |
| 7 | Bot Connectors → All | All permissions related to bot connector configurations |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the view-only access Supervisor: Should have the view-only access |
| 8 | Agent Desk | All permissions related to managing different settings of AgentDesk |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: should have the view-only access Supervisor: should have the view-only access |
| 9 | Forms | All permissions related to management of forms |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: should have the view-only access Supervisor: should have the view-only access |
| 10 | General → All settings | All permissions related to managing settings that come under “General” |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: should have the view-only access Supervisor: should have the view-only access |
| 11 | Pull Mode List → All | All permissions related to management of pull mode lists |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: should have the view-only access Supervisor: Should have the view-only access |
| 12 | Reasons → All | All permissions related to management of reason-codes |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the view-only access Supervisor: Should have the view-only access |
| 13 | Web Widget → All | All permissions related to management of Web Widget |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: should have the complete access Routing Manager: Should have the view-only access Supervisor: Should have the view-only access |
| 14 | teams→ All | All permissions related to management of teams |
| view: Can only view the setting. manage : inherits view, along with complete access to edit and delete | Admin: Routing Manager: Supervisor: Should only be able to view and edit its own team. |