Access policies
Last updated
Was this helpful?
Last updated
Was this helpful?
Access policies are a crucial aspect of managing data access and usage within the MessageBird environment. They are a set of rules that either grant or deny access to specific areas within the software. By creating access policies, you can improve compliance and ensure that data is accessed only by authorized users.
There are two types of access policies:
Managed access policies, created by MessageBird.
Custom access policies that you can create yourself.
Managed access policies are policies that have been created for you by MessageBird to make it easier for you to get set up.
These are the available manages access policies:
OrganizationsReadOnly
Read-only access to all organizations and workspaces
FoundationsSupportHero
To provide Nest foundations support
OAuth2ClientCreate
InboxVariousResourcesDeleterPolicy
inbox: delete various resources
InboxVariousResourcesEditorPolicy
inbox: write various resources
InboxVariousResourcesViewerPolicy
inbox: view various resources
OrgSwitcherViewerPolicy
view workspaces, list
TouchPointsProjectViewerPolicy
view touchpoint projects, list and entity
BotEditorPolicy
edit bots
AgentProfileEditorPolicy
edit agent profiles
ConversationEditorPolicy
edit conversations
FeedItemsEditorPolicy
edit feed items list and entity
UsersViewerPolicy
view users, list
ConversationCreatorPolicy
create feed item conversations
BotViewerPolicy
view bots, list and entity
GroupViewerPolicy
view workspace contacts groups, list and entity
ConversationViewerPolicy
view workspace conversations, list and entity
ConnectorsViewerPolicy
view workspace connectors, list and entity
UserFeedViewerPolicy
view workspace user feeds, list and entity
FeedViewerPolicy
view workspace feeds, list, entity
TeamViewerPolicy
view workspace teams, list and entity
AgentViewerPolicy
view agent list and entity
ChannelViewerPolicy
view workspace channels, list and entity
PlatformViewerPolicy
view workspace platforms, list and entity
ComplianceManager
Manage approval flows and KYC forms
PaymentMethodsManager
Manage payment methods policy
FinanceManager
Manage finance
NumbersManager
Manage numbers and providers
ChannelManager
Manage connector templates
ProductManager
Manage products and pricing
SalesManager
Prepare new customers and assign custom pricing plans
AccessManager
Manage access to the platform
OrganizationFullAccess
Provides full access to everything in an organization
InvoiceViewer
View invoices per organization
KYCFormViewer
AllOrganizationsReadAccess
You can create your own custom access policies by following these steps:
Go to your Organization Settings and click Access policies.
Click the Create custom policy button.
Enter a Policy name and a policy description.
In the "Definition" section, under Effect, select 'Allow' or 'Deny' from the drop-down. This will establish if the policy you are creating will 'allow' or 'deny' users access to specific users area of your organization.
Under Action, you define what action you are 'allowing' or 'denying' users from performing. Choose one of the following options from the drop-down:
any
view
create
delete
update
In the Resource field, define the URL of the area of the organization you are 'allowing' or 'denying' users access to. For example: /workspaces{workspaceId}/contacts.
You can add multiple definitions and resources to create more complex access policies by clicking Add resource or Add definition.
Click Create policy to create your custom access policy.
Once you have created your access policy, (or chosen which managed policies you want to use) you can assign it to an access role, and then assign the access role to a user.
This will ensure that the user only has access to the areas of the organization that you have specified in the access policy.
