Throughout our touchpoints with customers, we continue to learn more about their use cases, specifically their need for more granular and limited permission sets for workers.
Our implementation of custom roles and permissions is designed around the concept of least privilege access: assigning users only the necessary permissions to complete their work and nothing more. Custom roles can add specific capabilities to existing roles in order to provide users with only the capabilities they need to perform their duties, reducing risk.
The roles can be reviewed and accessed from the Organization’s settings page.
A custom role in Tehama is created by the Org Customer Administrator and consists of a name, description, a base role, and permission sets. Permission sets are added to one of Tehama’s existing base roles, including Staff, Room Manager, or Org Manager.
Once the base role has been selected, permission sets can be chosen to define the new custom role’s capabilities. From the outset, we offer three sets of permissions to choose from:
- Org Auditor:
- Ensures compliance with policies and diagnoses issues when necessary.
- Can audit the Activity Stream in any of the organization’s rooms.
- Can view live and recorded sessions.
- TCU Usage Auditor:
- Can access usage metering options and information for the organization.
- Can access the usage metering report.
- Can receive TCU Usage notifications.
- Business Analyst:
- Has full access to reporting capabilities: can view/generate and export all report types for the organization.
Once a custom role has been created, it can be applied to team members within the organization.
The initial deployment of this feature will consist of the three permission sets listed above but we’ll continue to introduce more over time as we learn more about our customers and their use cases within Tehama.
If you have any custom permission sets you would like to see in the Tehama platform, please contact your customer success manager.
For more information, see the Custom Roles and Permissions User Guide.