Submit Documentation FeedbackJoin Developer CommunityLog In

Creating custom roles for the admin console

This topic describes how to create customer security roles for the admin console.

B2B Commerce Cloud allows for the custom creation of security roles for the Admin Console. Creating custom roles gives the exact level of security desired.This article provides the basic instructions for creating a role and then provides the steps to address the scenario of creating a role that doesn't have access to Customers within the Admin Console.

Create a custom role

  1. Go to Admin Console > Administration > Permissions > Roles.

  2. Click Add Role .

  3. In the Role Name field, enter in the name of the new Role.

    If the role is to have access to the Admin Console, it must begin with ISC_. Any role that is not preceded by ISC_ will not appear in the permissions in the Application Dictionary.

  4. Click Save .

Limiting access to the admin console

Custom Roles can be used to limit certain users from accessing specific areas of the Admin Console. The steps below will address this scenario: We have a set of users that need to access the Admin Console to update Product information, but we do not want them to have access to Customer data.



The ability to impersonate users is assigned only to the ISC_Implementer, ISC_Admin and ISC_User roles and you cannot add the ability to impersonate to your custom role.

Create the new role

  1. Follow the instructions above for creating a new custom Role. We will use the Role name of "ISC_ProductData".

Remove access to the customer entity

  1. Go to Administration >Β System >Β Application Dictionary and search for Customer.

  2. Select Edit for customer.

  3. Select the Permissions finger tab.

  4. Select Edit for the ISC_ProductData Role.

  5. Change the radio buttons to limit access, by selecting No.

  6. Click Save.

  7. Assign the Role to desired Users.

    Roles with higher permission override Roles with lower permission. So, if a particular User has a Role that allows access to the Customer entity, that will supersede the Role that limits the access to the Customer entity.

End result

Users who access the Admin Console with the ISC_ProductData role will not see the Customer entity:

Did this page help you?