When you need to have several configurators working in Agillic or need to grant restricted access to Agillic, you can use User Profiles. They allow you to control the level of access different configurations have to work on your instance. This could be useful to prevent access to sensitive data or to access Flows as a non-configurator.
By default, Agillic grants full access to each of the users, but you can change this based on your needs.
It's important to remember that Profiles and User Profiles are unique to each environment. Therefore, you'll need to create the user and User Profile on 'Staging' and 'Production' if the user needs access to both instances.
In this article, you'll find information about best practice for the following Profile Groups:
Agillic's Recommended Best Practice for Profile Groups
Full Access
A Full Access user should be a trained configurator in Agillic with the need to access everything. This is the only user who can create other Full Access Users in Production and Staging.
This User Profile is the only default User Profile on both Staging and Production.
The Full Access User Profile has access to:
- Full Access to Applications
- Full Access to Sensitive Data
- Full Remote Access
A Full Access User Profile
The Data Manager
The Data Manager should be a user with the need to import and export data in Agillic. This User Profile should be created on both Staging and Production.
The Data Manager User Profile should have a few different types of access.
Application Access:
- Flows - allowing the User Profile to create exports of Flows.
- Data - creating Data fields, import, and export settings.
- Administration in the System Settings - allowing changes to global import and export settings.
- Publish - allowing the publish of export Flows to production.
Data Access:
- Can see sensitive data, also from Production. This protects export files that also contain sensitive data.
Remote access:
- API - for API import of users.
- Import - to upload import-files via WebDAV.
- Export - to download export-files via WebDAV.
A Data Manager User Profile
The External Developer
The External Developer will often be tasked with integrations like the import and export of data by using various features. The Profile Group should be created on both Staging and Production.
The External Developer should also have a number of different types of access.
Application Access:
- Data - access to Data fields needed for integrations.
- Administration
- Integrations - to set up integrations.
- System Settings - to control import and export settings.
Data Access:
- Can see sensitive data - to ensure export files also contains sensitive data.
Because of this, no access is needed for application access. However, data access is set to 'can see sensitive data'.
- API - Legacy - In case the developer needs to work with the Legacy API.
- Import - To access the import folder for automated imports.
- Export - To access the export folder for automated exports.
- Logs - To access log files for testing purposes.
An External Developer User Profile
The Internal Developer
The internal developer is someone who is often used to develop Extensions and custom applications in your Agillic instance. This User Profile should only be created on Staging.
The Internal Developer should have access to:
Application Access:
- Flow - to create Flows for testing extension steps.
- Content - to create Webpages for testing custom applications.
- Data - to verify and create data fields for extensions or custom applications.
- Publish - to publish changes to Staging for testing.
Data Access:
- Can see sensitive data - to verify data changes from extensions or custom applications.
Remote Access:
- No Remote access needed.
Note that all User Profiles will have access to the Media Browser via WebDAV. This allows the internal developer to easily upload and modify custom code.
An Internal Developer User Profile
The Configurator
The Configurator is a User Profile that needs to be able to work in Agillic with access to create and execute a campaign. This User Profile should only be created on Staging.
The Configurator should have access to:
Application Access:
- Flow - to create, schedule, and execute Flows.
- Content - to create and edit content.
- Promotion - to create end edit Promotions.
- Data - to create Target Groups and custom Events.
- Publishing - to publish changes to Staging or Production.
Data access:
- Can see sensitive data - to control data configuration based on sensitive data.
Remote Access:
- No remote access is needed.
A Configurator User Profile
The Advisor Agent
The Advisor Agent is someone who should have access to your Advisor Portal if you've created one. This User Profile is needed for anyone who is using the Advisor Portal. This User Profile should only be created on Production.
The Advisor Agent should have access to:
Application Access:
- No application access needed.
Data access:
- Can see sensitive data, also from Production - to see sensitive data in the Advisor portal.
Remote Access:
- No remote access is needed.
Note that any advisor Users will have access to both Agillic and your Advisor Portal.
An Advisor Agent User Profile
If you'd like to create a different User Profile, you can create a new one. Read more about creating a Profile Group here.
Suggested Next Steps
- How to Create a Profile Group for Accessing Agillic
- How to Create a User Profile for Accessing Agillic