Dev GuideAPI Reference
Dev GuideAPI ReferenceUser GuideGitHubNuGetDev CommunitySubmit a ticketLog In
GitHubNuGetDev CommunitySubmit a ticket

Create custom roles for the Admin Console

Describes how to create customer security roles for the Admin Console in Optimizely Configured Commerce.

Optimizely Configured Commerce allows you to create security roles for the Admin Console. This article provides the basic instructions for creating a role and then provides the steps to address the scenario of creating a role that does not have access to Customers within the Admin Console.

Create a custom role

  1. Go to Admin Console > Administration > Permissions > Roles.

  2. Click Add Role .

  3. In the Role Name field, enter in the name of the new Role.

    If the role is to have access to the Admin Console, it must begin with ISC_. Any role that is not preceded by ISC_ will not appear in the permissions in the Application Dictionary.

  4. Click Save .

Limit access to the admin console

Custom Roles can be used to limit certain users from accessing specific areas of the Admin Console. The steps below will address this scenario: We have a set of users that need to access the Admin Console to update Product information, but we do not want them to have access to Customer data.

📘

Note

The ability to impersonate users is assigned only to the ISC_Implementer, ISC_Admin and ISC_User roles and you cannot add the ability to impersonate to your custom role.

Create the new role

  1. Follow the instructions above for creating a new custom Role. We will use the Role name of "ISC_ProductData".

Remove access to the customer entity

  1. Go to Administration > System > Application Dictionary and search for Customer.

  2. Select Edit for customer.

  3. Select the Permissions finger tab.

  4. Select Edit for the ISC_ProductData Role.

  5. Change the radio buttons to limit access, by selecting No.

  6. Click Save.

  7. Assign the Role to desired Users.

    Roles with higher permission override Roles with lower permission. So, if a particular User has a Role that allows access to the Customer entity, that will supersede the Role that limits the access to the Customer entity.

End result

Users who access the Admin Console with the ISC_ProductData role will not see the Customer entity.