Roles and Access: Manage Permissions and Teams

🚧
You’re viewing documentation for a previous version of Thena. For the most up-to-date content, visit: docs.thena.ai.

Overview

Thena has rolled out role-based access control (RBAC), enabling organizations to define and manage user access and permissions based on their roles. Thena provides three default roles along with the ability to create custom roles, offering comprehensive flexibility for managing access levels within the system.

Default roles

Admin

Has full access to all features and functionalities within Thena.
Can manage user access, roles, permissions, and API key management.

Full access member

Has full access to all features and functionalities within Thena.
Cannot manage user access, roles, permissions, and API key management.

Read-only member

Can view everything in Thena but cannot perform any actions.
Does not have access to the system’s configuration settings (setup, settings, integrations, admin, and API management).

Custom roles

Thena supports the creation of custom roles, offering granular control over what users can access and manage. Admins can create, edit, or delete these roles at any time. When a user's role changes, they will be logged out and required to log back in to reflect the new permissions.

Managing access

Each feature or functionality in Thena can have its permissions configured based on four main access levels:

All: Grants access to all available permissions for the feature.
Create: Allows the user to create new entries or actions.
Update: Grants permission to edit or modify existing entries.
Delete: Allows the user to delete certain resources.
Read-only: Provides view-only access to the resource without the ability to create, modify, or delete.

Feature	Create	Update	Delete	Read-only
Requests	Create new request	Modify assignee, status, urgency, sentiment, & custom fields, Reply to conversations, Merge request	Discard request	View requests only
External ticket	Create external ticket	Modify assignee, status, reply, and form fields		View external tickets
External link	Create, link & unlink external link			View external links
AI agent	Create new AI agent, Add sources	Edit agents, Edit sources	De-activate AI agent	View AI agents
Broadcasts	Create new broadcast, Duplicate broadcasts, Create audience list, Send and unsend broadcasts	Edit broadcasts	Archive draft	View broadcasts
Accounts	Create new accounts	Modify account details, logos, account fields and CRM mapping	Delete account	View accounts
Contacts				View contacts
Saved view	Create saved view	Modify saved views	Delete saved view	View saved views
Snippet	Create new snippet	Modify snippets	Delete snippet	View snippets
Analytics				View analytics
Setup	Setup channels	Modify existing setup
Settings		Modify settings
Integrations	Add new integration	Modify integration	Disconnect integration

👍
Read-only users can access features such as Favorites, Snooze, Inbox, Drafts, and private-scoped Saved Views.

Customization

Each role's access levels can be customized according to the organization's needs. These roles can be assigned individually or by grouping features for convenience.

Notifications and access denied

Users attempting to perform actions they do not have permission for will receive an Access Denied message. The message prompts them to contact the Thena administrator to request an access change.