When using Iterable to create campaigns, you'll likely collaborate with multiple people. Each of these people may need access to a specific set of Iterable's resources and capabilities, based on their responsibilities. Use org admins, org permissions, and roles to help your team work safely, effectively, and with appropriate access permissions.
In this article
Overview
Member privileges in Iterable have three elements:
- Org permissions (all, some, or none)
- Project assignment (at least one project per user)
- Role assignment (one role per project)
Org permissions are independent of project and role assignment. However, project and role assignments work together.
Org permissions
When you create a member, you'll first choose their org permissions. These permissions define what a member can do to manage an Iterable organization. Org permissions aren't required for a member to use Iterable.
Org permissions are managed for each user independently (unless you're using SSO for authorization).
If you're creating an org admin, then all you need to do is select that option and all privileges assign automatically to that user. Every Iterable org must have at least one org admin.
However, when you're creating any other user who will have privileges limited in any way, you can select all, some, or zero org permissions.
Project assignment
Project assignments are managed for each user independently (unless you're using SSO for authorization).
Every Iterable member must have at least one project assigned to them.
Org admins are automatically assigned to all projects.
Roles and role assignment
Roles are bundles of permissions that give team members access to the Iterable features and resources within a project so they can efficiently do their jobs. Each role has a combination of the permissions described below.
For every project assigned to a member, a role must also be assigned. A member does not need to have the same role for each project.
Roles assignments are managed for each user independently (unless you're using SSO for authorization). However, the a role's permissions are managed centrally at the organization level. Making changes to a role's permissions will update privileges for all members assigned to that role.
Org admins automatically have all role permissions for all projects.
Org administrators
Org admins are the most privileged members in your Iterable organization. These members:
- Have all org permissions.
- Can assign and revoke org permissions.
- Can assign and revoke org admin status.
- Can add and remove users from an organization.
- Automatically receive all permissions on every project in your organization (current and future).
NOTE
To learn how to grant org permissions and org admin status, read Creating and Managing Member Accounts.
Org permissions
IMPORTANT
Org permissions are powerful. Assign them only to users who need the capabilities they enable.
Org permissions allow team members to manage various aspects of an Iterable organization. These permissions are granted outside the scope of any custom roles, are managed on a member-by-member basis, and are not project-specific. Iterable provides the following org permissions:
Manage Billing: Allows the member to view usage data and update payment information for an Iterable organization.
Create Projects: Allows the member to create new projects in an Iterable organization.
Manage Members: Allows the member to create new organization members, edit their account details, send password reset emails, disable two-factor authentication, and modify project membership and roles (for projects on which the permission holder is also a member). This permission does not allow holders to assign/revoke org permissions, assign/revoke org admin status or remove organization members.
Manage Roles: Allows the member to create custom roles and modify their included permissions.
Roles
Roles can include permissions taken from the following groups:
Project
General configuration
These permissions determine whether or not a member can configure project settings, third-party integrations, Facebook integration, API keys, system webhooks, and journey webhooks:
-
Manage Settings: Allows members to access and make changes to an Iterable project's Settings > Project Settings screen and the Settings > Custom Event Usage page. More specifically, it allows users to:
View and update project settings.
Create, rename, and delete labels.
View and update custom event settings.
View list and journey references (such as in the Settings > Custom Event Usage page).
Manage Integrations: Allows members to configure third-party integrations, Facebook integration, API keys, system webhooks, and journey webhooks (all found on the Integrations menu).
Channels
These permissions determine whether or not members can view or configure message channels and types, senders, DNS setup, sending platforms, mail domains, mobile apps, and web push settings:
View: Allows members to view channel configuration pages. It can be useful to view these settings when working with campaigns.
Setup and Manage: Allows members to create and configure channels.
Messaging
Journeys, Campaigns, and Experiments
These permissions determine how members can work with journeys, campaigns, and experiments:
View: Allows members to view journeys, campaigns, and experiments.
Draft: Allows members to draft or copy journeys, campaigns, and experiments (but not launch or schedule them).
Manage and Publish Journeys: Allows members to manage and activate journeys.
-
Manage and Launch Campaigns: Allows members to send, schedule, activate, and manage campaigns and experiments. When you select this permission, you must also select one or more message mediums:
- SMS
- In-app
- Push
- Web push
Project members can manage and publish campaigns and experiments only for the message mediums included in their project role.
If a member doesn't have permission to launch campaigns for a given message medium, that action will be disabled in Iterable's UI.
Content
Templates
These permissions allow users to create, update, and delete templates.
- Create and Manage: Allows members to create, update, and delete templates on the Content > Templates page.
Snippets
These permissions determine whether or not a member can modify an Iterable project's snippets:
- Create and Manage: Allows members to create, update, and delete snippets.
Catalogs
These permissions determine whether or not a member can view or manage catalogs or collections:
View: Allows members to view the Content > Catalogs screen and the contents of catalogs.
Create and Manage: Allows members to create, update, and delete catalogs.
Audience
Segmentation and Lists
These permissions determine whether or not a member can create, update, or delete static and dynamic lists:
- Create and Manage: Allows members to create, update, and delete static and dynamic lists.
IMPORTANT
For a member to be able to take any action that might create new users (such as upload CSV files), they'll also need Create and Manage Users permission.
User profiles and data
These permissions determine whether or not a member can view, create, update or delete users:
View: Allows members to view the contents of a project's user profiles.
Create and Manage Users: Allows members to create, update, and delete users.
IMPORTANT
For a member to import users and create/manage static and dynamic lists, their role must include the Create and Manage Segmentation and Lists permission.
Insights
Predictive goals
These permissions determine whether or not a member can view or manage Predictive Goals:
View: Allows members to view the contents of a Predictive Goal.
Create and Manage: Allows members to create and delete Predictive Goals.
NOTE
To add Predictive Goals to your Iterable account, talk to your customer success manager.
Reports
These permissions determine whether or not a member can view or manage reports:
View: Allows members to view the Insights > Reports screen.
Create and Manage: Allows members to create, update and delete reports.
Permission inheritance
When selecting permissions, you may notice that some of them are pre-selected, grey, and uneditable. Permissions in this state are automatically included by another, higher-order permission that you've also selected.
Example: If you select the Create and Manage Catalogs permission, then View Catalogs is also selected. This is because a member must first be able to view catalogs before they can create and manage them.
Viewing and creating custom roles
Members with the Manage Roles org permission can view, create, and edit roles.
To view all existing roles, and go to Settings > Roles.
To see the selected permissions for an existing role, hover over the count in the Permissions column.
To create a new role:
Click New Role.
Provide a name for the new role.
(Optional) To start with an existing permission set, choose from the dropdown underneath Copy Permissions From...
Click Create Role
-
Select permissions as necessary.
Click Save role.
IMPORTANT
Remember to save your work! Changes are not auto-saved when creating or changing a role. If you leave the page without clicking Save Role, you'll need to start over. If you see an error that says Role permissions could not be saved, try again.
Example custom role
Consider a hypothetical custom role for an email marketer. This member would need a role that grants the ability to create and send email campaigns from pre-existing templates and contact lists, but not view the users on those lists or their Iterable user profiles, nor send from any other message medium. Members with this role might also need to access reports to review campaign results.
This custom role should have the following permissions:
Create and Manage Reports, for creating and viewing reports
for their campaigns.Manage and Launch Campaigns for Email (which automatically includes View and Draft), for creating and managing email campaigns.
Updating roles
Any member with the Manage Roles org permission can edit the name of an existing role and its assigned permissions.
To edit a role:
Go to Settings > Roles.
Click the name of the role you wish to change.
To edit the role's name, click the pencil icon next to it and enter the new name.
To update permissions, check and uncheck permissions as needed.
Click Save Role to complete your changes.
It isn't currently possible to delete custom roles. However, they can be renamed, modified, and reused.
IMPORTANT
When you modify a custom role, users who already have that role receive its updated set of permissions.
Assigning roles
To learn how to assign roles to team members, and how to grant org permissions and org admin status, read Creating and Managing Member Accounts.
Permission inheritance
When selecting permissions, you may notice that some of them are pre-selected, grey, and uneditable. Permissions in this state are automatically included by another, higher-order permission that you've also selected.
Example: If you select the Create and Manage Catalogs permission, then View Catalogs will also be selected. This is because a member must first be able to view catalogs before they can create and manage them.
Example custom role
Consider a hypothetical custom role for an email marketer. These users would need a role that grants members the ability to create and send email campaigns from pre-existing templates and contact lists, but not view the users on those lists or their Iterable user profiles, nor send from any other message medium. Members with this role also need to access reports to review campaign results. This custom role should have the following permissions:
-
Create and Manage Reports, for creating and viewing reports
for their campaigns. - Manage and Launch Campaigns for Email (which automatically includes View and Draft), for creating and managing email campaigns.
All other permissions can be left off of this custom role.
Default custom roles
By default, an Iterable organization has the following custom roles, which you can modify as needed:
| Reader | Contributor | Publisher | Admin | Super Admin | Account Manager | |
|---|---|---|---|---|---|---|
| Project | ||||||
| Manage Settings | X | X | X | |||
| Manage Integrations | X | X | X | |||
| View Channels | X | X | X | X | X | |
| Setup and Manage Channels | X | X | X | |||
| Messaging | ||||||
| View Journeys, Campaigns, & Experiments | X | X | X | X | X | X |
| Draft Journeys, Campaigns, & Experiments | X | X | X | X | X | |
| Manage and Publish Journeys | X | X | X | X | ||
| Manage and Launch Campaigns * | X | X | X | X | X | |
| Content | ||||||
| Create and Manage Templates | X | X | X | X | X | |
| Create and Manage Snippets | X | X | X | X | X | |
| View Catalogs | X | X | X | X | X | X |
| Create and Manage Catalogs | X | X | X | X | X | |
| Audience | ||||||
| Setup and Manage Segmentation and Lists | X | X | X | X | X | |
| View User Profiles and Data | X | X | X | |||
| Create and Manage User Profiles and Data | X | X | X | X | X | |
| Insights | ||||||
| View Predictive Goals | X | X | X | X | X | X |
| Create and Manage Predictive Goals | X | X | X | X | X | |
| View Reports | X | X | X | X | X | |
| Create and Manage Reports | X | X | X | X | X |
Note: The default permission level for Manage and Launch Campaigns includes all message mediums (Email, Push, Web Push, In App, SMS)
Comments
0 comments
Article is closed for comments.