User role descriptions
Describes how to define the users' access rights within the website and/or Admin Console in Optimizely Configured Commerce.
Roles are assigned to user records to define the users' access rights within the website and/or Admin Console in Optimizely Configured Commerce. Although role rights are hard-coded, multiple roles can be assigned to any given user, creating hierarchically expanded rights as needed. Role definitions may vary somewhat per implementation, and not all roles will be used for every site. User records also may be created without assigned roles (nulls), for implementations where role-driven functionality is not required.
The following list describes the purpose of the various roles and why they would be assigned to users. To view specific role permissions and capabilities, review the permission matrices at the bottom of this article.
Website user roles
Unassigned user
This is not technically a role but is the result of either removing all roles assigned to a user or a user creating their own account on the storefront. This "role" has the same permissions as Buyer 3, with the exception of access to Invoice History, Order Approval, and Requisitions.
Administrator
The Administrator role is assigned to the customer administrator. Typically this is a senior buyer who also manages all other buyers for the organization. The Administrator can setup new buyers, assign ship-tos, manage budgets, and view all orders and invoices for the organization.
Buyer3
The Buyer3 role is typically assigned to a senior buyer who has no budget restrictions and does not need to have orders approved. Consequently, this role can also serve as an approver.
Buyer2
The Buyer2 role is typically assigned to an associate buyer. Users with this role can create orders without approval if they remain within their specified budget restrictions. Any orders that exceed their budget restrictions must be approved. This role must have an assigned approver.
Buyer1
The Buyer1 role is typically assigned to a junior buyer, where all orders created must be approved. This role must have an assigned approver.
Requisitioner
The Requisitioner role may only submit requests to purchase products. This role must have an assigned approver.
Admin Console user roles
The ISC_Implementer, ISC_Admin and ISC_User roles can impersonate users.
ISC_System
Users with this role have high-level administrative access to Admin Console, with the rights to modify critical site settings and access the debugging tools found within the Primary Header. It is a higher level of access than the ISC_Admin role. This is an Insite-only role and appears here for reference purposes only.
ISC_Admin
Users with this role possess administrative access to Admin Console, with the rights to modify application and website settings. This role does not have access to the debugging tools found within the Primary Header. Typically, this role is assigned to the system administrator.
ISC_User
May be used to identify secured access to Admin Console with the rights to modify Customers, Users, and Orders. Typically this role would be assigned to customer service representatives.
ISC_Integration
The ISC_Integration role is assigned to the user specified in the WIS, which is used in the WIS Integration service to connect to the site for running jobs and transferring files.
Content management system user roles
To add/edit or review/approve content within the Admin Console, Configured Commerce users must be assigned the appropriate roles in addition to their website user role:
ISC_ContentAdmin
Users with this role may preview, approve, and publish content. This role may also create and modify templates.
ISC_ContentApprover
Users with this role may preview, approve and publish content
ISC_ContentEditor
Users with this role may add and edit content
Note
Although not a requirement, users with the ISC_ContentApprover should also have the ISC_ContentEditor role to make minor edits to content prior to approving the revision.
Custom user roles
Custom user roles can be created to meet specific business needs of the client. Custom user role permissions, by default, inherent all permissions. Restriction a custom user role to specific entities can be done in the Permissions finger tab of the Application Dictionary.
Updated over 1 year ago