Users, groups and access
Account general settings
Managing users and access permissions is available only to master-users.
Access groups
Access groups allow you to grant users and API tokens access to certain account objects (e.g. databases, segments, campaigns, templates) while restricting access to other objects. A group is basically a container with a set of objects. Thus a user, while working within an assigned container, cannot access objects from other containers.
Groups are when you need to organize separate workspaces for different departments of your company — within one account with shared statistics and supervisor access. Another situation is when you need a separate workspace for outsource specialists like email designers or data integrators.
If you need whole separate workspaces — with no shared statistics, data and supervision access — consider creating several platform accounts within one Altcraft instance. Accounts can use shared or individual resources and components. For all instance accounts a Global suppression list is maintained as a shared resource.
Main group
Main group is created by default — it contains all account objects, including those assigned to any other group. If you delete a custom group all its objects are not removed — but reassigned to Main group. If you don't need to divide your workspace — feel free to use Main group for all objects you create.
Master-usershave full access to Main group with all permissions — no matter which groups and roles are assigned to them.
Create/assign groups
Groups are created and assigned dynamically, while editing any account object - in its General settings section. To assign an existing group, select it from the Set group dropdown. Message template is for example here:
To create a new group, simply enter its name into the same dropdown menu - and press Enter on your keyboard or Add %group_name% in the interface:
Any object created by a user will be assigned to the group, the user is currently working in.
Switch/delete groups
Groups, available to Altcraft users, are displayed in a dropdown menu in the top right corner of the application, next to profile avatar. A user can switch groups from any account object list.
A master-user can delete groups from the same dropdown menu.
Roles
A role defines which actions are permitted to a user or an API token within the assigned access groups. To manage roles in the main menu select Settings → Roles:
The list you will see contains the existing access roles. You can edit, clone or delete a role in a context menu on the right side of the list. To edit a role you can as well click on its name. To create a new role click + Create in page header.
Any role has 3 parameters:
- Role name. A master user can assign roles to users by their unique names.
- Groups where the role permissions are applied.
- Permitted actions with account objects.
If Main group is selected in a role, role permissions will be applied to all account objects. Master-users are not affected by group and role restrictions.
You can set Object view and Create & edit permissions for any object of the account. For databases, segments, suppression lists and resources Read & download permissions are available - to export and download data.
A role without Activate access in Message templates access section will allow users only to save message templates as drafts which are subject to further moderation in order to be used in campaigns. Such restrictions work well for say outsource email template developers.
For campaigns and scenarios you can restrict Activate option — users with such roles won't be able to launch campaigns and automation workflows. Another user with moderator rights can then check and activate them.
Roles can restrict user actions with the following platform objects:
- Resources is a tool for managing customer subscriptions to various content via specific communication channels.
- Databases is a database for storing customer data.
- Database imports (scheduled import) is automatic synchronization of the Altcraft profile database with an external database (for example, corporate CRM or SQL database).
- Relations are used to record interactions between your clients, or clients and company managers.
- Queries are SQL queries to external databases. The role regulates user's actions with templates queries and with segmentation queries.
- Message templates is the content that you send to subscribers as part of the campaign.
- Fragments are parts of the template that can be used in other templates.
- Segments are part of a database that includes profiles meet certain conditions. The role regulates user's actions with static and dynamic segments.
- Suppression lists is a list of email addresses, domains and phone numbers excluded from the mailing list.
- Campaigns - broadcasts, regular and trigger campaigns, multivariate tests, placement campaigns.
- Scenarios is an automated chain of conditions and actions that will follow when conditions are met.
- Pixels is HTML or JavaScript code placed on a website or application that is designed to track user activity.
- Forms is an element on the page of the website through which the user input and sends you their data.
- Loyalty is a module that is used to generate and assign promotional codes to profiles.
- Virtual senders is a set of rules for real senders and a powerful tool for fine messaging tuning.
- Market is a module for working with data about products and orders of an online store.
User profiles
Managing Altcraft user profiles is available both in User interface and in Administrative panel. This article contains information about the User interface procedure. To manage user accounts in the main menu select Settings → Users:
The list you will see contains the existing account users. You can edit or remove a user in a context menu on the right side of the list. To edit a user you can as well click on the record's name. To create a new user click + Create in page header.
General settings
In user General settings section specify the following data:
Username — a unique name to be used in login credentials (username@accountname).
First name — user's first name.
Last name — user's last name.
Contact email — email address for login credentials.
Interface language — select between English and Russian.
Date and time formats — set the preferred date and time display formats.
In case authorization is configured via LDAP using your company's directory service — this directory service login will be used together with Altcraft account name: user@company**@account**. The password is thus set within the directory service as well.
Password and authorization
In Security section you can set and change user's password. When you set a new password you can send new credentials to user's contact email — select Send access information to user option and save changes.
This section will also keep information about the user's latest login — time and IP address.
In case LDAP only is specified for the account in LDAP access settings, managing passwords from User interface loses power.
Access to account objects
In Access section you can configure which actions in which object groups users are permitted to perform:
Master user — such users will have unlimited access to all account objects (Main group) with no role restrictions. Settingssection of the main menu is available for master users — they can manage other user profiles, groups and roles.
Active user — this option activates the user profile.
Assigned roles — access roles, defining user permissions.
Assigned groups — account object groups.
The diagram on the right displays how user groups and roles work together once assigned.
If a role does not work with a group, assigned to a user — adding this role will cause no effect, as user won't have action permissions for this group — even to view objects.
If a role works with a group that is unavailable for a user - it will remain unavailable.
API tokens
API tokens are used for accessing certain platform functions via API. A master user can view, create, edit or delete tokens in Settings → Tokens:
The list you will see contains the existing API tokens. You can edit or remove a token in a context menu on the right side of the list. To edit a token you can as well click on the record's name. To create a new API token click + Create in page header.
For a new token choose a unique name - or leave a system-generated name be. The token itself will get available after you save changes. Token access settings are pretty much the same as user profile settings: assign the necessary groups and roles to a token as you would to a live user.
A token with Main group assigned can access objects from any other group as well.