Overview of Users, Roles, and Permissions| Hitchhikers Platform
What You’ll Learn
In this section, you will learn:
- How Users, Roles and Permissions work together in Yext
- What information lives on a User
- What you can customize and control for your brand
What is a User?
Now that you have a sense for the Yext platform, you can see that there is a lot to do to manage the data. Now the question is - who is going to do that?
Users are people who have access to the Yext platform in some way. The user object contains personal information about a user, like email address, username, name, as well as information about what they can access.
Access has 2 components to it:
- What are they being given access to do, e.g., Role
- What entities are they being given access to do this with, e.g., Scope
Each user can have multiple access controls defining what they can do in the account.
What are Roles?
Almost every screen in the platform, and in many cases each button, is gated behind a permission. It is possible to customize the user’s experience in Yext to a very granular level. Each role is made up of a set of permissions that correspond to those screens or actions.
Yext comes with several roles out of the box with combinations of permissions that fit a common persona. Some of our most popular built-in roles include:
Account Manager: Provides access to add or update entities and manage listings, reviews, users, approvals and account features. This user does not have access to billing or service management. Best for: Regional Managers, Corporate Users.
Entity Manager: Provides access to manage entity-level content, listings, and reviews. This user does not have access to billing, service, account settings or user management. Best for Store Manager, Franchisee, or Local User on a specific entity or folder.
Entity Viewer: Provides view-only access to entity content, listings, reviews and analytics and cannot make any changes within the account or view account settings or user management. Best for: Partner Customer, Store Manager, Franchisee, Local User.
Content Requester: Provides access to request changes to content and suggest review responses, but all requests must go through approvals. Users have access to view listings, reviews, and analytics. Best for: Franchisee, Local User. Note: You can learn more about how this role is used in the Content Suggestions Module.
The pre-built roles are updated at each release so the most up-to-date set of roles available is found in the platform on the Create User screen.
However, sometimes the built-in roles aren’t sufficient for your brand’s use case. No problem! You can define your own role by hand-selecting each permission you want in the role via our Custom Role Interface, which you’ll learn about later in this module.
You can create as many custom roles in your account as you need, but we don’t recommend creating a custom role for each user. Typically, you’d want to think about what are the personas or user groups that will need to access Yext and build as few roles as possible to make long-term management easier.
Custom Roles are particularly common if you want to limit access to certain fields in the Knowledge Graph. This is very powerful if you have local users, like franchisees or store managers, who you want to feel empowered to view or modify some content in Yext, but you want the rest to be centrally controlled by Corporate.
The Knowledge Graph is special in that we not only have permissions for each screen, but we have permissions for each field. With Custom Roles, you can choose permissions that determine for each field whether the user can:
- View the field
- Edit the field
- Edit the field, but only with approvals (more information here)
- Add Assets Only to the field (only select from pre-approved content)
- No permissions – the user won’t see the field at all
Once you have a defined set of actions a user can do, you need to decide where they can do it. This is where Scope comes in – scope determines which entities you can take those actions on.
The options for Scope are:
- Full Account
If you wanted a user to have access to multiple folders or entities, you’d need to create additional Access Controls to the user with the Role and Folder/Entity specified for each.
Some permissions are account-level only, which means that even if you include the permission in a role, a user in that role will only have access to that permission if the scope is set to Full Account.
Custom field management is an example of this. If you need a user to manage custom fields, but you only want them to be able to edit a certain folder of entities, you’d need to create 2 Access Controls — one with the Manage Custom Fields role on the Full Account scope, and one with the Edit Entities role on the Folder scope.