Optimizely Configured Commerce lets you create custom roles for the Admin Console so you can choose the exact level of security.
Create a custom role
- Go to Admin Console > Administration > Roles.
- Click Add Role.
- Enter the name of the new Role.
If the role should access the Admin Console, it must begin with ISC_. Any role that is not preceded by ISC_ does not display in the permissions in the Application Dictionary.
- Click Save.
Limit access to the Admin Console
You can use custom roles to limit certain users from accessing specific areas of the Admin Console. The steps below address this scenario: you have a set of users that must access the Admin Console to update Product information, but you do not want them to have access to customer data.
The ability to impersonate users is assigned only to the ISC_Implementer, ISC_Admin and ISC_User roles, and you cannot add the ability to impersonate to your custom role.
Create the new role
Follow the instructions above for creating a new custom Role. This scenario uses ISC_Product Data as the role name.
Remove access to the customer entity
- Go to Administration > Application Dictionary and search for Customer.
- Click the Edit icon.
- Click Permissions.
- Select the Edit icon for the ISC_ProductData role.
- Change the radio buttons to limit access by selecting No.
- Click Save.
- Assign the Role to desired Users.
Roles with higher permission override roles with lower permission. If a user has a role that allows access to the Customer entity (such as ContentAdmin), this access supersedes the role that limits access to the Customer entity.
Users who access the Admin Console with the ISC_ProductData role will not see the Customer entity: