Docs
Merchandising Hub
Pers. content
Product recs
Product badging
Product Insights
IntroWelcomeGlossaryFAQsGet updates & take actionSee how your campaigns are performingTake actionSettings and toolsEnable Google AnalyticsView products in your catalog
Get startedShort guideBasic build flowYour dashboardTutorialsCreate a hotspot on a PLP
Add personalized contentStep 1 - Choose whereStep 2 - Decide who & whatStep 3 - Set visibilityStep 4 - Decide whenStep 5 - Review & launchReferenceMetrics
Experimentation Hub
Target customers
Data in/out
Analyze your data
Work with experiencesFirst stepsManageGet resultsBuild from a templateBuild Visual or CustomBuild Abandonment recoveryBuild Product recommendationsBuild Social proofBuild Visitor pulseGuides & tutorialsReference
Build segmentsFirst stepsCreateAnalyzeGuides, tutorials & reference
Collect visitor sentimentIntroSet it upGet results
Developers
Setup
Placements
Experiences
Setup Merchandising HubEcommerceTravel
Setup Experimentation HubWays to set up with QubitWeb setupMobile setupCMS setupValidate your setupProduct feedSmartserveTracking setup & property settingsManage your Auth keyManage your users & profilesAdvanced topicsAnalyticsThird-party toolsQubit scripts
API
FAQs
QP events
Setup Merchandising Hub
Ecommerce
Travel
Setup Experimentation Hub
Ways to set up with Qubit
Web, mobile & CMS
Web setup
Our three steps
eCommerce
eGaming
Travel
Mobile setup
Our SDKs and mobile APIs
For iOS
For Android
React Native SDK
CMS setup
Intro
Salesforce Commerce Cloud (Demandware)
SAP Commerce Cloud (Hybris)
Magento
Shopify
Contentsquare
Validate your setup
Why validate?
Data validation at Coveo Qubit
With Coveo Qubit Explorer
With Validation Dashboard
Product feed
Import and manage a Google product feed
Smartserve
Get your Smartserve Script
Edit your Smartserve prescript
Tracking setup & property settings
Review your tracking setup
Edit your property settings
Manage your Auth key
What is it and what's it for?
Generate new key
Configure existing key
Manage your users & profiles
Roles & permissions
Manage users
Manage profiles
Advanced topics
Hosting & self-hosting
Qubit events 101
Schema extensions
Product Id vs SKU
Correct use of product.categories
Round number fields
Qubit & ad blocking
Event enrichment
Analytics
Bounce rates - Qubit v GA
Session v entrance
Cross-domain tracking
Landing page tagging guide
Third-party tools
Set up GTM
Qubit scripts
Intro to Qubit scripts
UV API
Smartserve.js
Jolt
Qubit cookies
Intro to Qubit cookies
qubitTracker
qb_permanent
qb_session
qb_generic
Call-centre tracking
Track call as events
How it works
Set it up

Roles & permissions

In this article...

In this article, we will discuss the role-based permissions that determine what tasks you and other users can perform in the Qubit platform.

Roles and permissions

Each user in a property can be assigned 1 or 4 roles, from the most basic, Viewer, to the most advanced, Owner.

Each of these roles can be augmented with an additional set of permissions through the role Reporting, which enables a user to create and configure Qubit Exports.

DANGER: The role Reporting gives user access to customer data and potentially sensitive personal data. The assignment of this role should therefore be done with caution.

Refer to the following table for details of each role:

Role

Permissions

Additional permissions

Example

viewer

experiences:read
recs rules: read users:read
segments: read segments:write

Can view experiences but cannot build new experiences, edit, pause, or publish

Can view users and their permissions but cannot edit

Can create, edit, and delete segments

contributor

experiences:read experiences:write experiences:pause
recs rules:write
users:read segments:read segments:write

experiences:pause recs rules:write experiences:write

Can do all of the above plus create and pause experiences and create Recommendations rules, but cannot publish experiences

publisher

experiences:read experiences:write experiences:pause
recs rules:write
experiences:publish experiences:republish users:read
segments:read segments:write packages:publish
imports:preview imports:read imports:write

experiences:publish experiences:republish packages:publish
imports:preview imports:read imports:write

Can do all of the above plus publish and republish experiences

Can publish packages, preview, view, and create imports

Can access the Authentication keys page but only with the additional Reporting role

owner

experiences:read experiences:write experiences:pause experiences:publish
recs rules: write
experiences:republish users:read users:write segments:read segments:write packages:publish
imports:preview imports:read imports:write

users:write

Can do all of the above plus create and edit users and user permissions

reporting

exports:write authkeys:read authkeys:write

Can be applied to any role to allow the user to create and configure exports

Can be applied to the Publisher role to access the Authentication Keys page

A focus on user scope

For each of the above roles, and especially for organizations with multiple properties, it is important to understand that the users you can view and manage depends completely on the properties that you yourself have permissions in. This is the scope of your permissions as a user.

WARNING: You can only view and manage users in properties in which you also have some form of permission.

As an example, if an organization has 10 properties, but you only have permissions for 2 of them, you will only see those users in the 2 properties that you have access to. Users in the other 8 properties will be invisible to you. Look at the following example:

user management example

In the above example, User 1 has permissions in 2 of 10 properties for TEST ORG. User 2 has permissions in 4:

user 1

The column PROPERTIES reports the number of properties a user has permissions for that you also have permissions for. Note in the above example, this is 2 and not 4.

User 1 will not see that User 2 has permissions for 2 further properties, a total of 4, for TEST ORG, because User 1 does not have permissions for those additional 2 properties.

This concept of scope also applies when you search for a user or filter the list of users by organization or property.

Last updated: June 2020
Previous: Configure existing key
Manage your Auth key
Next: Manage users
Manage your users & profiles
Did you find this article useful?