Access roles
Default access roles
In order to help you get up and running with multiple users, there are multiple default (managed) access roles that can be used without having to create a custom access role.
The table gives a description of what each role does and how it can be used.
| Role name | Description |
|---|---|
Inbox Agent | This role can be used for users that are agents within Inbox AI. This role grants access to the Inbox product alongside the content within the channels configured in Inbox across all workspaces. It does not allow access to configure organization or workspace settings including channel management, billing, security, etc. |
Organization Owner | This is the most privileged role in the organization. It can view all content and settings across the organization and alter any settings. It can add and remove users, update security and billing settings and manage all aspects of channels, workspaces, etc. This role should be allocated to the initial user setting up the organization alongside a limited number of trusted individuals who may need to alter any settings or configurations across the organization. |
Workspace Owner | This role can be used to give a user access to all workspaces and allow them to manage all aspects of a workspace including managing campaigns, channels, contacts, etc. It also gives access to all content within the organization. It does not allow access to organizational level features such as user management, billing, and overall workspace management (e.g. adding and removing workspaces). |
SCIM Client | For customers that want to automatically provision their users from a central identity provider, this role is necessary to enable the SCIM protocol to communicate with your organization. Further instructions are available under the SSO section of the docs. |
Visitor | This is an internal role which is not designed for direct customer use. |
Chat Widget | This is an internal role which is not designed for direct customer use. |
Custom access roles
Assign access policies to create access roles, then assign roles to users.
Access roles are a way to assign specific access permissions to users within the MessageBird environment. An access role is a collection of access policies that are grouped together to define a specific set of permissions.
For example, you might create an access role called "Marketing Manager" that includes access policies allowing access to Campaigns.
Access roles allow you to control who has access to what data and functions within your organization's MessageBird environment. They are particularly useful when you have a large number of users who require varying levels of access to different areas of the software.
Assign access roles to users when you invite them, or edit a users' profile to add or change their access role.
Create an access role
Go to your Organization Settings and click Access roles.
Click the Create new role button.
Under "General", enter a role name and a role description.
Under "Policy", select the policy type (either 'Managed' for MessageBird-created policies, or 'Organization' for custom policies) from the "Type" drop-down.
From the "Policy" drop-down, select the access policy you want to apply to this role.
If required, click Apply another policy and repeat steps 4-5 to add additional access policies to this role.
Click Create new role to create your access role.
Assign an access role to a user
Go to your Organization Settings and click Users.
Locate the user that you want to assign access roles to and hover over their entry.
Click on the three dots that appear on the right-hand side of the screen.
Select Edit user from the dropdown menu.
In the "Access roles" section, click the dropdown menu and select the access role you want to assign to the user. You can assign multiple roles if needed.
Click Update roles to save the changes.
That's it! The user will now have the assigned access roles and be able to access the corresponding areas of the MessageBird environment based on the permissions granted by those roles.
Change a user's access role
Go to your Organization Settings and click Users.
Locate the user whose access role you want to change, hover over their entry, then click the three dots on the right-hand side of the screen.
Click Edit user.
Under the "Access roles" section, you will see the user's current access roles.
Select a new role from the drop-down.
Click Update roles to save the changes.
Remove a user's access role
Every user must have at least one access role assigned to them.
Go to your Organization Settings and click Users.
Locate the user whose access role you want to remove, hover over their entry, then click the three dots on the right-hand side of the screen.
Click Edit user.
Under the "Access roles" section, you will see the user's current access roles. If they have more than one role, you can delete the additional roles by hovering over it and clicking the delete icon.
Click Update roles to save the changes.
Last updated
