Role permissions

  • Updated

Optimizely Configured Commerce has unique roles for the Admin Console and storefront to manage various tasks. Admin Console roles are prefaced with "ISC_" to differentiate them from website user roles.

Each role can only access certain areas based on predefined permissions. The lists below provide the default permissions for each role, but you can customize these permissions.

Console user permissions

Admin Console permissions

  • ISC_System (Optimizely-only role listed for reference)
    • Manage integration jobs
    • Manage admin and system users
    • Access CKFinder
    • View and update website SEO settings
    • Access debug menu
    • Access the Application Dictionary
    • Access the Themes & Content menu
    • Create revision (CK editor)
    • Publish (CK editor)
    • Delete revision (CK editor)
    • Preview revision (CK editor)
    • View and update settings
  • ISC_Admin
    • Manage integration jobs
    • Manage admin and system users*
    • Access CKFinder
    • View and update website SEO settings
    • Access the Application Dictionary
    • Create revision (CK editor)
    • Publish (CK editor)
    • Delete revision (CK editor)
    • Preview revision (CK editor)
    • View and update settings*
  • ISC_Implementer
    • Manage integration jobs
    • Manage admin and system users*
    • Access CKFinder
    • View and update website SEO settings
    • Access debug menu
    • Access the Application Dictionary
    • Access the Themes & Content menu
    • Create revision (CK editor)
    • Publish (CK editor)
    • Delete revision (CK editor)
    • Preview revision (CK editor)
    • View and update settings*
  • ISC_FrontEndDev
    • Access CKFinder
    • Access the Themes & Content menu
    • Create revision (CK editor)
    • Publish (CK editor)
    • Delete revision (CK editor)
    • Preview revision (CK editor)
  • ISC_Integration
    • Manage integration jobs
    • Access CKFinder
  • ISC_User
    • Manage admin and system users*
  • ISC_ContentAdmin
    • Access CKFinder
    • Create revision (CK editor)
    • Publish (CK editor)
    • Delete revision (CK editor)
    • Preview revision (CK editor)
  • ISC_ContentEditor
    • Access CKFinder
    • Create revision (CK editor)
    • Preview revision (CK editor)
  • ISC_ContentApprover 
    • Publish (CK editor)
    • Delete revision (CK editor)
    • Preview revision (CK editor)

* – denotes limited permissions

Permission notes

  • Manage integration jobsJobs > Connections, Jobs > Job Definitions, and Jobs > All Job History are read-only for users without permissions.
  • Manage admin and system users – Cannot assign or remove higher-level roles. The ISC_User role cannot see the Console Users section. However, they have full permissions in the Website Users section to add, delete, edit, or assign.
  • Access CKFinder – Opening the CK finder is disabled, and the Library > Media section is hidden for users without permission.
  • View & update website SEO settingsWebsite > SEO tab hidden for users without permission.
  • Access to debug menu – Debug icon hidden for users without permission.
  • Application dictionaryAdministration > Application Dictionary link hidden for users without permission.
  • Themes & ContentThemes & Content is hidden for users without permission.
  • Create revision (CK editor) – Related button disabled for those without permission.
  • Publish (CK editor) – Related button disabled for those without permission.
  • Delete revision (CK editor) – Related button disabled for those without permission.
  • Preview revision (CK editor) – Related button disabled for those without permission.
  • View and update settingsSettings is hidden for users without permission.

Content management system permissions

These roles let users manage storefront content in the CMS along with Admin Console access.

A user needs the ISC_User role and the necessary storefront roles to access the Admin Console and edit the storefront.

  • ISC_Implementer 
    • Use CMS shell
    • Create page
    • Edit page
    • Delete page
    • Add linked page
    • Unlink page
    • Edit widgets
    • Edit templates
    • Preview page
    • Publish page
    • Clear future publish
    • Rollback
    • Rollback and publish
  • ISC_FrontEndDev
    • Use CMS shell
    • Create page
    • Edit page
    • Delete page
    • Add linked page
    • Unlink page
    • Edit widgets
    • Edit templates
    • Preview page
    • Publish page
    • Clear future publish
    • Rollback
    • Rollback and publish
  • ISC_ContentAdmin
    • Use CMS shell
    • Create page
    • Edit page
    • Delete page
    • Add linked page
    • Unlink page
    • Edit widgets
    • Edit templates
    • Preview page
    • Publish page
    • Clear future publish
    • Rollback
    • Rollback and publish
  • ISC_ContentEditor
    • Use CMS shell
    • Create page
    • Edit page
    • Add linked page
    • Unlink page
    • Edit widgets
    • Preview page
    • Rollback
  • ISC_ContentApprover
    • Use CMS shell
    • Preview page
    • Publish page
    • Clear future publish

Permission notes

  • Use CMS shell – CMS shell is automatically displayed when users with these permissions are signed into the Admin Console and go to the storefront.
  • Create page – Option is hidden for those without this permission.
  • Edit page – Option is hidden for those without this permission.
  • Delete page – Option is hidden for those without this permission.
  • Add linked page – Option is hidden for those without this permission.
  • Unlink page – Option is hidden for those without this permission.
  • Widget permissions – Permission to create, edit, and delete widgets.
  • Template permissions – Permission to view, create, edit, and delete templates.
  • Publish page – Roles without this permission see Submit For Approval after clicking Publish.
  • Clear future publish – Roles without this permission do not have the option to clear the publish date when attempting to publish a page with a future publish date.
  • RollbackRestore button is hidden in the CMS header for roles without this permission.
  • Rollback and publishRestore and Publish button is hidden in the restore modal for roles without this permission.

Website user permissions

The following list describes the permissions users have when accessing the website.

  • Administrator
    • Access budget management
    • Submit items for requisition
    • Create users
    • Deactivate users
    • Edit users
    • Assign and edit ship-to
    • View and approve requisitions
    • View invoice history
    • Approve orders
    • View saved orders
    • Save orders
    • View order history
    • Request quote
    • View quotes
    • View approvals
    • Add wishlist
    • Edit wishlist
    • Delete wishlist
  • Buyer1
    • Must have all orders approved
    • View saved orders
    • Save orders
    • View order history
    • Request quote
    • View quotes
    • View approvals
    • Add wishlist
    • Edit wishlist
    • Delete wishlist
  • Buyer2
    • Place orders within a specific budget
    • View saved orders
    • Save orders
    • View order history
    • Request quote
    • View quotes
    • View approvals
    • Add wishlist
    • Edit wishlist
    • Delete wishlist
  • Buyer3
    • Place orders without approval and act as an approver
    • View invoice history
    • Approve orders
    • View saved orders
    • Save orders
    • View order history
    • Request quote
    • View quotes
    • View approvals
    • Add wishlist
    • Edit wishlist
    • Delete wishlist
  • Requisitioner
    • Request to order items
    • Submit items for requisition
    • Add wishlist
    • Edit wishlist
    • Delete wishlist

Custom roles

If you choose to create a custom role related to content creation or storefront access, the ability to publish content is assigned only to the applicable roles listed below, and you cannot add the ability to publish to your custom role.