New Feature: User Roles
Last updated
Last updated
We've overhauled and simplified our user access system while giving you the flexibility to have things set just as you need them.
Now, rather than needing to set individual combinations of access each time you create a new user account, all you have to do is pick the role they're in. Each role has a number of access options configured for it which determines what users can see and do in Enate.
Watch this video to find out more:
Along with this, we've also added a much more detailed breakout for what access levels are available, allowing you to configure roles and access to precisely match your business requirements.
We've created a number of standard pre-configured roles available that give your users various levels of access to Work Manager and Builder.
If a standard role doesn't quite fit the bill, you can create custom roles that allow you to fine-tune levels of access to give users the exact combination of access levels they need.
Custom roles might be particularly useful in the following circumstances:
In Work Manager: You may wish to create a custom role for your more senior team members which falls part-way between the standard 'Team Leader' and 'Team Member' roles, giving them access to some Team Leader-like features without needing to have them fulfil that role entirely.
In Builder: Custom roles can be very useful in larger organizations where you might want to delegate e.g. user management or localized Case/Ticket maintenance access in Builder to more local resources, while keeping shared configuration activities for master data to a more select few people.
In line with this, we are also displaying role and access information when you click on someone in your team in Work Manager. You will see their profile picture, the title of their role, its description (if one has been added), as well as a list showing which features that the user has access to. Please note that this is a read-only display and will mean that Team Leaders will no longer have direct access to the four previously shown feature access options. However, access to the more comprehensive User Management section in Builder by speaking with your admin.
(Note that as part of upgrading, all users will be assigned and operations role, and some users also assigned a Builder role).
You can assign the relevant roles to a user in the Service Agents section of Builder by:
Clicking to edit a user and then selecting the relevant roles from their access tab OR
Clicking on the user's role directly from the grid of user accounts, on the 'Operational Role' or 'Builder Role' column. This will then bring up the user's access tab:
Users can be given two roles: they must have an Operational role which grants them access to the relevant features in Work Manager and, if they need to access Enate Builder, they can be given a Builder role too. This Builder Role will give them access to build and maintain the data which underpins your business processes in Enate. The majority of your user base will likely be assigned with just an operational role, but your administrators, business analysts and some operational super users will also be assigned a Builder role. If you do not assign a Builder role to a user, they will not be able to access the Builder app.
One thing that is important to note is that a user is not able to edit the access levels of the role they have been assigned, nor are they able to assign themselves a new role. This must be done by another user.
If you change a user's role while they are logged into the system, the user will be automatically logged out with a warning message stating that their user session has ended. When the user logs back into the Enate system, they will be able to see and access the features that have been enabled for the new role they have been assigned.
If you edit the details a user's role while they are logged into the system, they will not be automatically logged out of the system, but they will not be able to use or see the changes to their role until they have logged out and logged back into the system.
You can view, create and maintain your user roles in the new User Roles section of Builder - click on User Management and then select User Roles from the dropdown.
Here you will see the standard roles available in the system, as well as any custom roles you have and this is where you can create and maintain your custom roles.
Clicking on a user role will bring up the details for that role, including its name, description and access to which features are enabled for it.
Note that you will not be able to edit the name, description or feature access for standard roles.
Enate provides some standard pre-configured roles to give your users access to the various Work Manager and Builder features that they need, which already have a variety of feature access options enabled. The feature access options for these standard roles cannot be edited.
There are two standard operational roles:
Team Member - this is for Agent users who process Tickets, Actions & Cases
Team Leader - this is for senior members who manage a Team and set Queues they oversee
The table below shows access to which features are enabled for team member and team leader roles
Work Item Creation
Can Create Individual Work Items
Yes
Yes
Can Bulk Create Work Items
No
Yes
Work Item Assignment
Can Assign to Anyone
No
Yes
Can Assign to Themselves
Yes
Yes
Can Unassign
No
Yes
Work Item Options
Can Override Due Date
Yes
Yes
Can Split Tickets
Yes
Yes
Can Merge Tickets
Yes
Yes
Can Convert to Case
Yes
Yes
Can Edit Defects Logged by Others
Yes
Yes
Can Edit Time Tracker Entries Logged by Others
No
Yes
Can Access Custom Data in Peer Review Actions
Yes
Yes
Can Delete Email Attachments
No
No
Queues & Team Members
Can View Queues & Team Members
Yes
Yes
Can Work on Items Outside their Queues
Yes
Yes
Can Set Up Team & Queues
No
Yes
Email View Options
Can Access Email Inbox, Sent Items & Outbox
Yes
Yes
Can Access Unprocessed Emails
Yes
Yes
Can View Blocked Email Addresses
Yes
Yes
Can Edit Blocked Email Addresses
No
Yes
Contacts
Can Access Contacts Page
No
No
Advanced Search
Can Access Advanced Search Page
Yes
Yes
Can Export Advanced Search views to Excel
No
No
Reports
Can Access Reports
Yes
Yes
Can Create Custom Reports
No
Yes
There are three standard Builder roles:
Local Builder - this provides more limited access to configure Ticket & Case processes
Master Builder - this provides users with access to create shareable master data, configure processes and set live
System Administrator - this provides full access to all configuration features in Builder, including integrations
The table below shows access to which features are enabled for the standard Builder roles:
Edit Business Entities
Companies
Yes
Yes
Yes
Contracts
Yes
Yes
Yes
Service Lines
No
Yes
Yes
Services
Yes
Yes
Yes
Edit Processes
Cases
Yes
Yes
Yes
Tickets
Yes
Yes
Yes
Edit Shared Process Data
Action General Settings
No
Yes
Yes
Action Types
No
Yes
Yes
Allocation Settings
No
Yes
Yes
Case Types
No
Yes
Yes
Due Date Settings
No
Yes
Yes
Ticket Categories
No
Yes
Yes
Ticket Types
No
Yes
Yes
Edit Queues
Queues
Yes
Yes
Yes
Set Tickets & Cases Live
Set Tickets & Cases Live
No
Yes
Yes
Edit Scheduling
Fixed Frequency Schedules
Yes
Yes
Yes
Schedules
Yes
Yes
Yes
Schedule Structures
No
Yes
Yes
Edit Calendars
Calendars
Yes
Yes
Yes
Edit Custom Cards & Data
Custom Cards & Data
Yes
Yes
Yes
Access User Management
Robot Farms
No
No
Yes
User Roles
No
No
Yes
User Groups
No
No
Yes
Users (Service Agents & Self Service Users)
No
No
Yes
Edit Mailbox Settings
Email Routes
Yes
Yes
Yes
Email Connectors
No
Yes
Yes
Edit Email Content
Canned Responses
No
Yes
Yes
Email Templates
No
Yes
Yes
System Settings
System Settings
No
No
Yes
Edit Integrations
Marketplace Configurations
No
No
Yes
Edit Localizations
Localizations
Yes
Yes
Yes
Delete Items
Delete Items
Yes
Yes
Yes
If the standard roles don't quite match your organization's needs, you can create custom roles and customize the levels of access within the role.
You create and maintain custom roles from the User Roles section of Enate Builder.
To create a custom role for Work Manager, click the '+ Create New Custom Role' option in the Operational Roles tab, and to create a custom role for Builder, click the '+ Create New Custom Role' option in the Builder Roles tab.
You can create a brand new custom role in two ways:
Option 1 - From scratch, starting from a blank role where you will need to populate all your desired role data
Option 2 - By cloning an existing role (standard or custom) and adjusting the data accordingly. This option is useful if you only want to make a slight adjustments to an already existing role.
Whether creating from new or cloning from existing, proceed by giving your new custom role a name, description and then select what features you want the role to access. Once you have created your role be sure to save it before exiting the page.
There are a large number of access options available to choose from when you are defining a role's access to the various features in Enate. The full list of operational access options are listed below.
Note that if access to a feature has not been given, the option/button for that feature will be hidden.
Work Item Creation
Create Individual Work Items
This gives the user access to the following features:
Bulk Create Work Items
Note that the 'Create Individual Work Items' option must be enabled for this 'Bulk Create Work Items' option to be enabled.
Work Item Assignment
Assign to Anyone
Assign to Themselves
Unassign
Work Item Options
Override Due Dates
Split Tickets
Note that the 'Create Individual Work Items' option must be enabled for this 'Split Tickets' option to be enabled.
Merge Tickets
Convert to Case
Note that the 'Create Individual Work Items' option must be enabled for this 'Convert to Case' option to be enabled.
Edit Defects Logged by Other
Note that even without this access option, users are still able to add a new defect and edit, mark as resolved and delete defects that were added by themselves.
Edit Time Tracker Entries Logged by Other
Note that a user will always be able to modify their own time entries regardless of this access option.
Access Custom Data in Peer Review Actions
Note that even without this permission, users are still able to view custom card data and to choose if the review was a Pass, Fail or was Unable to be completed.
Delete Email Attachments
Queues & Team Members
View Queues & Team Members
Work on Items Outside Their Queues
This gives a user access to work on items assigned to any Queue (permissions permitting), as opposed to only being able to work on items which are specifically assigned to Queues that they are a part of.
Note that users will still be able to work on items that are not assigned to a Queue. Additionally, if this option is switched off users can continue to work on items which were already assigned to them that are not in their Queues. These items can be unassigned from the user manually.
Setup Team & Queues
Email View Options
Access Email Inbox, Sent Items & Outbox
Access Unprocessed Emails
View Blocked Emails Page
Note that this access option does not give users the ability to edit blocked emails information - they will need the 'Edit Blocked Email Address Entries' access option to be switched on as well.
Edit Blocked Email Address Entries
Note that the 'View Blocked Emails Page' access option must be enabled in order for the 'Edit Blocked Email Address Entries' access option to be enabled.
Contacts
Access Contacts Page
Advanced Search
Access Advanced Search
Export Advanced Search Views into Excel
This gives a user access to the Export to Excel feature in the Advanced Search page that allows users to export their Advanced Search views into Excel.
Note that the 'Access Advanced Search' option must be enabled in order to enable the 'Export to Excel' option.
Reports
Access Reports
This gives a user access to the Reports feature, available from the nav menu, where they can view and edit reports to visualize desired data.
Note that in order to enable this option, you must select at least one report the users in the role will be able to access from the resulting Report List option.
Create Custom Report
This gives a user access to the advanced features on the Reports page - they can create brand new visuals and delete existing visuals.
Note that the 'Access Reports' option must be enabled in order to enable the 'Create Custom Reports' option.
Report List
Choose which reports the role will be able to access
This allows you to choose which standard report(s) you want the users in the role to be able to access. You must select at least one.
Note that the Report List will not appear as an option until the 'Access Reports' option has been enabled.
The full list of Builder access options are listed below.
Note Builder access options provide access to edit the relevant information. You will always be able to view the information if you have Builder access, but will need specific feature access to be able to edit. The only exception to this rule is that access to even view information about users - service agents, robots and self service users - is dependent on having that feature access enabled. If you do not, the User Management area will be hidden from view.
Additionally, all users (who are not robots) who have access to Builder are able to access and edit Application Credentials, found under User Management.
Edit Business Entities
Customers
Contracts
Service Lines
Note that Ticket Category details for a service line can still be edited by users without the 'Service Lines' access option if the 'Ticket Categories' access option is enabled for them.
Services
Edit Processes
Cases
Create a brand new Case process
Clone from an existing Case process
Add, move and delete existing Action types in series, parallel or in conditional flows
Add and edit general Case information in the Case info tab. Note that where applicable, they will only be able to choose from existing settings i.e. they will be able to add existing due date settings and allocation settings to the Case process, but will not be able to create new settings or edit the information within them as access to do so is controlled by different access setting options ('Allocation Settings' and 'Due Date Settings' in 'Edit Shared Process Data').
Add and edit Action information in the various Action info tabs. Note that where applicable, they will only be able to choose from existing settings i.e. they will be able to add existing due date settings, allocation settings and general Action settings to the Case process, but will not be able to create new settings or edit the information underlying them as access to do so is controlled by different access setting options ('Allocation Settings', 'Due Date Settings' and 'Action General Settings' in 'Edit Shared Process Data').
Add existing custom cards to the Case and its Actions
Restore a retired process
View the activity history of the Case
Decide whether to allow the Case to be started from the Contact Activity page in Work Manager
Decide whether to allow the Case to be started from Self Service
Save their updates
Note that this access option does not allow users to:
Create new Action types from the Case screen - this access is dependent upon the 'Action Types' access option under 'Edit Shared Process Data'
Set the Case process live - this access is dependent upon the 'Set Tickets & Cases Live' access option
Create new or update existing allocation settings, due date settings and general action settings. They will only be able to choose from existing settings as access to create or edit these settings is controlled by different access setting options ('Allocation Settings', 'Action General Settings' and 'Due Date Settings' in 'Edit Shared Process Data').
Tickets
and With this access option, users can:
Create a brand new Ticket process
Clone from an existing Ticket process
Add existing Ticket categories into the Ticket process
Add and edit Ticket category information. Note that where applicable, users will only be able to choose from existing settings i.e. they will only be able to add existing due date and allocation settings, and will not be able to create new categories or edit the information underlying existing categories as access to do so is controlled by different access setting options (the 'Ticket Categories' access setting option in 'Edit Shared Process Data')
View the activity history of the Ticket process
Decide whether to allow the Ticket process to be started from the Contact Activity page in Work Manager
Add existing custom cards and email templates
Decide whether to allow the Ticket to be started from Self Service
Save their updates
Note that this access option does not allow users to:
Create new Ticket categories - this access is dependent upon the 'Ticket Categories' access setting option under 'Edit Shared Process Data'
Set the Ticket process live - this access is dependent upon the 'Set Tickets & Cases Live' access setting option
Create new or update existing allocation settings or due date settings. They will only be able to choose from existing settings as access to create or edit these settings is controlled by different access setting options ('Allocation Settings' and 'Due Date Settings' in 'Edit Shared Process Data')
Create new or update existing Ticket categories. They will only be able to choose from existing categories as access to create or edit Ticket categories is controlled by different access setting options (the 'Ticket Categories' access setting option in 'Edit Shared Process Data')
Edit Shared Process Data
Action General Settings
Note that the 'Edit Cases' access option under Edit Processes must be enabled in order for a user to edit Action general settings.
Action Types
Allocation Settings
Note that either the 'Edit Cases' or 'Edit Tickets' access options under Edit Processes must be enabled in order for a user to edit allocation settings.
Case Types
Due Date Settings
Note that the 'Edit Cases' or 'Edit Tickets' access options under Edit Processes must be enabled in order for a user to edit due date settings.
Ticket Categories
Ticket Types
Edit Queues
Queues
Set Tickets & Cases Live
Set Tickets & Cases Live
Edit Scheduling
Triggers
Schedules
Schedule Structures
Edit Calendars
Calendars
Edit Custom Cards & Data
Custom Cards & Custom Data
Edit User Mngmt
Robot Farms
Note that the 'Users (Service Agents, Robots & Self Service Users)' access option must be enabled in order for a user to edit robot farm data.
User Roles
This option gives users access to create and edit user roles.
Note that a user with this access option will not be able to edit their own user role.
User Groups
Access & Edit Users (Service Agents, Robots & Self Service Users)
Edit Mailbox Settings
Email Routes
Email Connectors
Note that without this 'Edit Connectors' access option, the Office 365 Integration will be hidden in the System Settings page.
Edit Email Content
Canned Responses
Email Templates
Edit System Settings
System Settings
Edit Integrations
Marketplace Configurations
Edit Localizations
Localizations
Delete Items
Delete Items
This option gives users access to delete objects that they have edit permissions for.
Note that you cannot enable the Delete option without having enabled one of the edit options first for Builder Roles.
When upgrading to version 2023.3 or above of Enate, users will be migrated into user roles based on the following logic:
If a user's access level matches the same access levels set for standard roles (see above), then their user account will be automatically assigned to one of Enate's standard roles as part of migration.
If a user's access level does not match one of the standard roles, they will be migrated to a new custom role, with access level options set to exactly match the user's existing access levels. The new custom role will be named 'Custom Role ' followed by a number signifying how many custom roles the system has had to create during migration, so a full name could be 'Custom Role 1', 'Custom Role 2' and so forth. These automatically created custom roles are fully editable, so their name, description and access level options can be modified after upgrade.
The lists below show the configurations of the various pre-2023.3 user access settings for Work Manager users that would lead to their account being migrated to one of the two standard Work Manager roles - Team Leader or Team Member.
User Access profile which results in a user migrating to Team Leader standard role:
Team Leader
Yes
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Allow Email Attachment Deletion
No
Setting found in the pre-2023.3 System Settings page under General Settings
Restrict Defect Modification
No
Setting found in the pre-2023.3 System Settings page under General Settings
Restricted Access to Peer Reviewer on Action Item
No
Setting found in the pre-2023.3 System Settings page under General Settings
User Access profile which results in a user migrating to Team Member standard role:
Team Leader
No
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Can see Peers & Queues
Yes
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Can Assign
No
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Can Create
Yes
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Can Only Work on Items in Their Queues
No
Setting found in pre-2023.3 versions by viewing a team member's profile as a Team Leader in Work Manager
Allow Email Attachment Deletion
No
Setting found in the pre-2023.3 System Settings page under General Settings
Restrict Defect Modification
No
Setting found in the pre-2023.3 System Settings page under General Settings
Restricted Access to Peer Reviewer on Action Item
No
Setting found in the pre-2023.3 System Settings page under General Settings
Users with any combination of feature access other than the above in Work Manager will be migrated to a custom operational role.
Please note that as part of migration, Work Manager users will have their existing feature access maintained. The single with exception to this is that access to the ‘Contacts’ page in Work Manager for Contact record maintenance will not be given by default (see note below).
Post upgrade, users will NOT have access to the Contacts page by default. If you wish users to have access to this page, an adjusted version of their current role would have to be created manually, ticking the ‘Contacts’ option. This would be required for all roles you wish to have access to this page.
The lists below show the configurations of the various pre 2023.3 settings for Builder users that will lead to users being migrated to a standard Builder role - Local Builder, Master Builder or System Administrator.
User Access profile which results in a user migrating to Local Builder standard role:
Can Access Builder
Yes
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Can Access User Management
No
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Can Edit Shared Configuration
No
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Can Set Live
No
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
User Access profile which results in a user migrating to Master Builder standard role:
Can Access Builder
Yes
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Can Access User Management
No
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Can Edit Shared Configuration
Yes
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Can Set Live
Yes
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
User Access profile which results in a user migrating to System Administrator standard role:
Can Access Builder
Yes
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Can Access User Management
Yes
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Can Edit Shared Configuration
Yes
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Can Set Live
Yes
Setting found in the pre-2023.3 Access tab in the Service Agents page in Builder
Users with any combination of feature access other than the above in Builder will be migrated to a custom Builder role.
Please note that as part of migration, Builder users will have their existing feature access maintained.
If you are upgrading from version of Enate that is earlier than 2023.3 and have Application Credentials that are active, Enate will automatically migrate these credentials into Enate standard roles - a Team Leader role and a System Administrator role.
the
creating a new work item from the
(as this results in the creation of two or more brand new work items)
(as this creates a brand new Case)
sending an email to another that is using Enate that will result in the creation of a new work item for that team.
Creating a
Creating a
Note that users can still use the and they can still .
This gives the user access to use the .
This gives a user access to , either from the homepage or from within the work item itself.
This gives a user access to , either from the homepage or from within the work item itself, or from .
This gives a user access to , either from the homepage or from within the work item itself.
This gives a user access to from within the work item screen by clicking on the due date in the header and changing the date in the resulting pop-up (if the work item has been set up in Builder to allow the due date to be overridden).
This gives a user access to use the feature.
This gives a user access to use the feature.
This gives a user access to use the .
This gives a user access to edit, mark as resolved and delete that have been logged by other people.
This gives a user access to edit the time entries in the that have been logged by other people.
This gives a user access to edit custom card data in a .
This gives a user access to from the files tab section of a work item.
This gives a user access to view their and in the , as well as access to view their team's work or owned work via the 'Team Work Inbox' and 'Team Owned Work' .
This gives a user access to the via the 'Queues' page from the nav menu.
This gives a user access to the , and features, available from the nav menu.
This gives a user access to the , where users can review the unprocessed emails that have arrived into the system and decide how to deal with them (i.e. creating a work item from the email or deleting the email).
Note that if the 'Create Individual Work Items' access option setting is not enabled, users will not be able to .
This gives a user access to view the and therefore access to view information for emails that have been blocked.
This gives a user access to edit the information for emails that have been blocked in the .
This gives a user access to the where they can view and manage external contacts, available from the 'Contacts' option in the nav menu.
This gives a user access to the where they can create search views of work item data in their business area.
This option gives users access to .
This option gives users access to .
This option gives users access to .
This option gives users access to .
This option gives users access to create and . With this access option, users can:
This option gives users access to create and .
This option gives users access to create and edit in Case processes.
This option gives users access to create and edit Action types from either the screen or from .
This option gives users access to create and edit for processes, regardless of their access to edit Cases or Tickets.
This option gives users access to create and edit Case types from either the screen or from the screen.
This option gives users access to create and edit for processes, regardless of their access to edit Cases or Tickets.
This option gives users access to create and edit , either from the screen or from itself.
This option gives users access to create and edit Ticket types from either the screen or from the screen.
This option gives users access to create and edit Queues, either or .
This option gives users access to set and live, both from within the process itself and from the service matrix.
This option gives users access to create and edit - these allow you to drive Case creation based on a repeating frequency to trigger automatic creation.
This option gives users access to create and edit .
This option gives users access to create and edit - .
This option gives users access to create and edit - working calendars are linked to contracts and are used in day to day processing of work items to help determine precise due dates.
This option gives users access to create and edit and .
This option gives users access to create and edit , accessible when creating or editing a robot user account.
This option gives users access to create and edit .
This option gives users access to view, create and edit , and .
This option gives users access to create and edit .
This option gives users access to create and edit , as well as access to view, create and edit an where you can sync Enate to Office 365 email boxes, available in the page.
This option gives users access to create and edit .
This option gives users access to create and edit .
This option gives users access to create and edit . These are the settings that take effect across the entire system and includes , , , , , password policy and SSO settings.
Note that users will not be able to create and edit from here unless the 'Queues' access option has also been enabled. Additionally, note that the , where you can sync Enate to Office 365 email boxes, will be hidden unless the 'Edit Connectors' access option is enabled.
This option gives users access to create and edit app integration configurations in .
This option gives users access to create and edit .
