In this article, you'll learn the key steps for managing roles and users in your Talon.One account. Roles in Talon.One help you define different user permissions and specify what actions or features your users can access.
We strongly recommend creating roles as it provides a safe way to manage your users and their access to your promotions.
A role is defined by a set of permissions for your Talon.One applications and contains a collection of your users with access to your Talon.One account. Roles must be created by an account administrator and should be configured when setting up your account, a new application or when inviting new users.
Roles are a way to organize and define access levels for your users in Talon.One. We recommended that you create roles to limit access for certain users as a security precaution and for organizational purposes.
If you have set user permissions before the roles feature was available, the original permissions will still apply. We strongly encourage you to migrate your users to roles to ensure optimal usage of your account.
If you plan to invite new users to your account, you must create a role and add them. The default setting is "no access", so users will have no permissions with no access to applications, campaigns, coupons, etc. until they are assigned to a role or granted admin access.
You can create several different roles tailored to your business requirements, here are some examples of role types:
- Customer Support: Agent who creates/edits coupons in a single application
- Growth Team Admin: Team lead with full access to all application and developer section
- Campaign Manager: Junior who can create campaigns but not activate/launch them
- UK Marketing: Access to application for country-market, can create/activate campaigns
- Retail Campaign Manager: View or fully access per business channel
You can add new roles at any point. You can also add/remove users from roles as you wish. If you need help configuring the right roles for your business, please get in touch.
When you invite a user to Talon.One, you can grant them Admin access or assign them to a role. If you do not create any roles and/or assign users to a role, they will have no access to your account (unless they are an admin).
When creating a role, you can define the following access levels for each application:
- No Access: No access to this application
- View: View all campaigns and export coupons in this application
- Create and Edit: Create and edit all campaigns in this application
- Full Access: Access to this application, campaigns and developer settings
- Create and Edit Coupons: Create and edit coupons in all campaigns
- Draft Campaigns: Create and edit inactive campaigns
- Custom: Access to specific sections of this application
Conflicting Access Levels
Our roles-based permissions system is a grant-oriented system. When a user has two roles with different permissions for the same application, the one that grants more access will overrule the limited role.
For example: If User A is assigned to two roles, Role #1 has the preset “Create and Edit Coupons” and Role #2 has the preset “Draft Campaigns” set for the same application.
Here is an overview of roles abilities access levels:
Application: My E-Shop
|Role #1 (Create and edit coupons)||Role #2 (Draft campaigns)|
The permission system accumulates the granted permissions from both roles (or more, if that’s the case). The accumulated (final) permissions of the user for application “My E-Shop” would be:
User A (Final permissions)
- ✅ Can view coupons
- ✅ Can edit coupons
- ✅ Can create coupons
- ✅ Can create campaigns
- ✅ Can edit rules
- ✅ Can edit campaigns
- ❌ Can activate campaigns
To create a role in your Talon.One account you need administrator access. You can create new roles and add other users to these roles at any point.
Follow these steps to create a role:
- From the applications page, look for the box that says Administrate Account on the right and click the link See Account Settings
- Note: Only Admin users can see this section
- Open the Organization drop-down on the left and click on the Roles tab
- Click the +Create New Role in the top right corner
- Type a name and description for your new role (e.g. Support Agent, Can only create predefined coupons)
- For each Application in your account, select the access level you want to grant.
- Note: Assign users when you create a role or when you invite them to Talon.One
- Users can belong to more than one role, the role with more permissions "wins"
- You can remove users at any point
- Click the Select Users button to add or remove users.
- Note: The default setting for each application is "No Access"
- You can update permissions at any point
In addition to the predefined access levels, you can set your own custom permissions for an application. You can grant access to specific areas of an application like the Rule Builder or Coupons/Referrals sections depending on your requirements.
To set custom permissions, open the drop-down menu next to your application in the "Configure Application Access" section. Select "Custom" and the following options will appear:
Once you've defined your key roles, you can start inviting users or adding existing users to the roles. Don't worry, you can always add/remove a user from a role.
When you invite a new user to your Talon.One account for the first time, follow these steps:
- From the applications page, go to the Administrate Account on the right and click See Account Settings
- In the left side-menu click Organization -> Users list
- Click +Invite New User in the top right
- Type in your new user's email and name
- Choose to either "Promote to Admin" or "Assign a Role"
- Admin users will have full access to every area of this account
- To "Assign a Role", select one or multiple roles from the drop-down menu
- Click Manage Roles if you haven't created any roles yet
- Click Invite User
- New users will get an email with a link to your Talon.One domain
- On the Users List page, you can see an overview of all the roles users have been assigned
To change the permissions of an existing user, you must first create a role and then add them to that role.
If a user already has Admin rights, but you would like to add them to a new role, go to the "Users List" section of the Account page, click on one of your users and assign them to a role.
- Roles in Talon.One work with a grant-based system, so when two roles have conflicting permissions, the role that grants more permissions will override any others.
- Admin users need to manually add roles to your account
- Roles can be assigned when you invite new users to Talon.One or by adding existing users to a role.
- To delete a role, click on the "Roles" section, choose the role and click the Delete button in the top-right corner.
If you have questions or feedback on this feature, we would love to hear from you!