User role descriptions

  • Updated

Roles are assigned to user records to define the users' access rights within the website and/or Admin Console. Although role rights are hard-coded, multiple roles can be assigned to any given user, creating hierarchically expanded rights as needed. Role definitions may vary somewhat per implementation, and not all roles will be used for every site. User records also may be created without assigned roles (nulls), for implementations where role-driven functionality is not required.

The following list describes the purpose of the various roles and why they would be assigned to users. To view specific role permissions and capabilities, review the permission matrices at the bottom of this article.

Website user roles

Unassigned user

This is not technically a role, but is the result of either removing all roles assigned to a user or a user creating their own account on the storefront. This "role" has the same permissions as Buyer 3, with the exception of access to Invoice History, Order Approval, and Requisitions

Administrator

The Administrator role is assigned to the customer administrator. Typically this is a senior buyer who also manages all other buyers for the organization. The Administrator can setup new buyers, assign ship-tos, manage budgets, and view all orders and invoices for the organization.

Buyer3

The Buyer3 role is typically assigned to a senior buyer who has no budget restrictions and does not need to have orders approved. Consequently, this role can also serve as an approver.

Buyer2

The Buyer2 role is typically assigned to an associate buyer. Users with this role can create orders without approval if they remain within their specified budget restrictions. Any orders that exceed their budget restrictions must be approved. This role must have an assigned approver.

Buyer1

The Buyer1 role is typically assigned to a junior buyer, where all orders created must be approved. This role must have an assigned approver.

Requisitioner

The Requisitioner role may only submit requests to purchase products. This role must have an assigned approver.

Admin Console user roles

The ISC_Implementer, ISC_Admin and ISC_User roles can impersonate users.

ISC_System

Users with this role have high-level administrative access to Admin Console, with the rights to modify critical site settings and access the debugging tools found within the Primary Header. It is a higher level of access than the ISC_Admin role. This is an Optimizely-only role and appears here for reference purposes only.

ISC_Admin

Users with this role possess administrative access to Admin Console, with the rights to modify application and website settings. This role does not have access to the debugging tools found within the Primary Header. Typically, this role is assigned to the system administrator.

ISC_Implementer

Users with this role have high-level administrative access to the Admin Console, and can modify key implementation and integration settings. Users in this role cannot create or delete websites. This role typically is assigned to Optimizely implementation partners.

ISC_User

May be used to identify secured access to Admin Console, with the rights to modify Customers, Users and Orders, among other items. Typically this role would be assigned to customer service representatives, but you could also assign it to merchandisers or marketers.

ISC_Integration

The ISC_Integration role is assigned to the user specified in the WIS, which is used in the WIS Integration service to connect to the site for running jobs and transferring files.

Content Management System user roles

To add/edit or review/approve content within the Admin Console, Configured Commerce users must be assigned the appropriate roles in addition to their website user role.

ISC_ContentAdmin

Users with this role may preview, approve, and publish content. This role may also create and modify templates.

ISC_ContentApprover

Users with this role may preview, approve and publish content.

ISC_ContentEditor

Users with this role may add and edit content.

ISC_FrontEndDev

Users with this role may add, remove, or edit Theme-based content, found under the Themes & Content menu within the Admin Console. By default, access to the Themes & Content menu is limited only to Users assigned the Roles of ISC_Admin, ISC_System, ISC_Implementer, or ISC_FrontEndDev. Themes & Content includes Theme Editing, Theme Resource Editing, and Content Item Template Editing.

Although not a requirement, it is recommended that users with the ISC_ContentApprover, also have the ISC_ContentEditor role. This allows the User to make minor edits to content before approving the revision.

Custom user roles

Custom user roles can be created to meet specific business needs of the client. Custom user role permissions, by default, inherent all permissions. Restricting a custom user role to specific entities can be done in the Permissions finger tab of the Application Dictionary.