Roles & access
Customize roles and access.
Overview
Thena has rolled out role-based access control (RBAC), enabling organizations to define and manage user access and permissions based on their roles. Thena provides three default roles along with the ability to create custom roles, offering comprehensive flexibility for managing access levels within the system.
Default roles
Admin
- Has full access to all features and functionalities within Thena.
- Can manage user access, roles, permissions, and API key management.
Full access member
- Has full access to all features and functionalities within Thena.
- Cannot manage user access, roles, permissions, and API key management.
Read-only member
- Can view everything in Thena but cannot perform any actions.
- Does not have access to the systemβs configuration settings (setup, settings, integrations, admin, and API management).
Custom roles
Thena supports the creation of custom roles, offering granular control over what users can access and manage. Admins can create, edit, or delete these roles at any time. When a user's role changes, they will be logged out and required to log back in to reflect the new permissions.
Managing access
Each feature or functionality in Thena can have its permissions configured based on four main access levels:
- All: Grants access to all available permissions for the feature.
- Create: Allows the user to create new entries or actions.
- Update: Grants permission to edit or modify existing entries.
- Delete: Allows the user to delete certain resources.
- Read-only: Provides view-only access to the resource without the ability to create, modify, or delete.
| Feature | Create | Update | Delete | Read-only |
|---|---|---|---|---|
| Requests | Create new request | Modify assignee, status, urgency, sentiment, & custom fields, Reply to conversations, Merge request | Discard request | View requests only |
| External ticket | Create external ticket | Modify assignee, status, reply, and form fields | - | View external tickets |
| External link | Create, link & unlink external link | - | View external links | |
| AI agent | Create new AI agent, Add sources | Edit agents, Edit sources | De-activate AI agent | View AI agents |
| Broadcasts | Create new broadcast, Duplicate broadcasts, Create audience list, Send and unsend broadcasts | Edit broadcasts | Archive draft | View broadcasts |
| Accounts | Create new accounts | Modify account details, logos, account fields and CRM mapping | Delete account | View accounts |
| Contacts | - | - | - | View contacts |
| Saved view | Create saved view | Modify saved views | Delete saved view | View saved views |
| Snippet | Create new snippet | Modify snippets | Delete snippet | View snippets |
| Analytics | - | - | - | View analytics |
| Setup | Setup channels | Modify existing setup | - | - |
| Settings | - | Modify settings | - | - |
| Integrations | Add new integration | Modify integration | Disconnect integration | - |
Read-only users can access features such as Favorites, Snooze, Inbox, Drafts, and private-scoped Saved Views.
Customization
Each role's access levels can be customized according to the organization's needs. These roles can be assigned individually or by grouping features for convenience.
Notifications and access denied
Users attempting to perform actions they do not have permission for will receive an Access Denied message. The message prompts them to contact the Thena administrator to request an access change.
Updated 23 days ago