In this article you will learn the key steps for managing roles and users in your Talon.One account. Roles in Talon.One help you define different user permissions and specify what actions or features your users can access. We strongly recommend creating roles as it provides a safe way to manage your users and their access to your promotions.

For example, you can create a role called "Customer Support" that grants users permission to only view campaigns in a single application.

A role is defined by a set of permissions for your Talon.One applications and contains a collection of your users with access to your Talon.One account. Roles must be created by an account administrator and should be configured when setting up your account, a new application or when inviting new users. 

In this article we will cover the following:
  1. What is a Role
  2. Access Levels
  3. How to a create Role
  4. Inviting new users
  5. Things to keep in mind

What is a Role?

Roles are a way to organize and define access levels for your users in Talon.One. We recommended that you create roles to limit access for certain users as a security precaution and for organizational purposes.

If you set user permissions before the roles feature was available, the original permissions will still apply. We strongly encourage you to migrate your users to roles to ensure optimal usage of your account.

If you plan to invite new users to your account, you must create a role and add them. The default setting is "no access", so users will have no permissions with no access to applications, campaigns, coupons, etc. until they are assigned to a role or granted admin access.

You can create several different roles tailored to your business requirements, here are some examples of role types:

  • Customer Support: agent who creates/edits coupons in a single application 
  • Growth Team Admin: a team lead with full access to all application and developer section
  • Campaign Manager: a junior who can create campaigns but not activate/launch them
  • UK Marketing: access to application for country-market, can create/activate campaigns
  • Retail Campaign Manager: view or full access per business channel
You can add new roles at any point. You can also add/remove users from roles as you wish. If you need help configuring the right roles for your business, please get in touch.
 

Access Levels

When you invite a user to Talon.One, you can grant them Admin access or assign them to a role. If you do not create any roles and/or assign users to a role, they will have no access to your account (unless they are an admin). When creating a role, you can define the following access levels for each application: 
  • No Access: no access to this application 
  • View: view all campaigns and export coupons in this application
  • Create and Edit: create and edit all campaigns in this application
  • Full Access: access to this application, campaigns and developer settings
  • Create and Edit Coupons: create and edit coupons in all campaigns
  • Draft Campaigns: create and edit inactive campaigns
  • Custom: access to specific sections of this application

Conflicting Access Levels
Our roles based permissions system is grant-oriented system. When a user has two roles with different permissions for the same application, the one that grants more access will "win" or "overrule" the limited role. 

For Example: If User A is assigned to two roles, Role #1 has the preset “Create and Edit Coupons” and Role #2 has the preset “Draft Campaigns” set for the same application. Here is an overview of roles abilities access levels:
Role Name App. Permission Preset Can View Coupons? Can Edit Coupons? Can Create Coupons? Can Create Campaigns? Can Edit Rules? Can Edit Campaigns? Can Activate Campaigns?
Role #1 My E-Shop Create and Edit Coupons
Role #2 My E-Shop Draft Campaigns









The permission system will accumulate the granted permissions from both (or more, when that’s the case) roles. The accumulated (final) permissions of the user for application “My E-Shop”can be shown bellow:
 
Final Permissions Can View Coupons? Can Edit Coupons? Can Create Coupons? Can Create Campaigns? Can Edit Rules? Can Edit Campaigns? Can Activate Campaigns?
User A
 
 


How to create a role

To create a role in your Talon.One account you must have administrator access. You can add new roles and add users to the roles at any point. Follow these steps to create a role: 
  1. Click on the arrow next to your name on the top right corner and select Manage Account
    • ​​Note: Only Admin users can see this section
  2. Click on the Roles tab
  3. Click on +Create New Role
  4. Type a name and description for your new role (e.g., Support Agent)
  5. For each Application in your account, select the access level you want to grant. Note:
    • Users can belong to more than one role, the role with more permissions "wins"
    • You can remove users at any point
    • Assign users when you create a role or when you invite them to Talon.One
  6. Click the Select Users button to add or remove users. Note:
    • The default setting for each application is "No Access"
    • You can update permissions at any point​


Custom Permissions

In addition to the predefine access levels, you can define your own custom permissions for an application. You can grant access to specific areas of an application like the rule builder or coupons/referrals depending on your requirements.

To set custom permissions, open the drop-down menu next to your application under the "Configure Application Access" section. Select "Custom" and the following options will appear: 

Inviting New Users

Once you have defined your key roles, you can start inviting users or adding existing users to the roles. Don't worry, you can always add/remove a user from a role. 

When you invite a new user to your Talon.One account for the first time, follow these steps: 

  1. Navigate to the Account page by clicking the settings drop-down menu on the right
  2. Click +Invite New User
  3. Type in their email and name
  4. Choose to either "Promote to Admin" or "Assign a Role"
    • Admin users will have full access to every area of this account
  5. To "Assign a Role", select one or multiple roles from the drop-down menu
  6. Click Manage Roles if you have not created any roles yet
  7. Click Invite User 
  8. New users will get an email with a link to your Talon.One domain
  9. On the Users page, you get an overview of what roles this user has been assigned


Changing Permissions

To change the permissions of an existing user, you must first create a role and then add them to that role. 

If a user already has Admin rights, but you would like to add them to a new role, go to the "Users" section of the Account page and assign them to a role. 
 

 

Things to keep in mind

  • Roles in Talon.One work with a grant-based system, this means that all roles explicitly give you permission to things.
  • When two roles have conflicting permissions, the role that grants more permissions will "win"
  • Admin users will need to manually add roles to your account and users can be assigned a role when you invite them to Talon.One or by adding existing users to a role.
  • To delete a role, click on the role and click the Delete button on the top right corner. 
If you have questions or feedback on this feature, we would love to hear from you!