- 05 Dec 2023
- 3 Minutes to read
- Print
- DarkLight
- PDF
User Management
- Updated on 05 Dec 2023
- 3 Minutes to read
- Print
- DarkLight
- PDF
On the User Management page, you can add, edit, or delete user accounts for your Organization. By default, Mindful users log in with a combination of email address and password.
- Single Sign-On (SSO) is also available. For more information, see the Single Sign-On (SSO) Configuration Guide and Single Sign-On (SSO) FAQ.
- It is possible to use both SSO and default email/password users at once. When SSO is enabled, any users trying to log in to Mindful directly with an email address on the SSO domain will be forwarded to the SSO provider. For example, if getmindful.com were configured as the forwarding domain and a user tried to log in with JDoe@getmindful.com, that user would be forwarded to the SSO provider.
- Only Administrators or Mindful staff can add new user accounts.
Adding New User Accounts
Quick access: Organization > User Management
- On the User Management page, click Invite Users.
|
Editing User Accounts
On the User Management screen, click the Edit icon in the row of the user account you want to edit. This opens the Edit User modal.
- Email - The user's email may be updated, but they will have to log in again with the new email address once this change is saved.
- Name - The user's name may be updated.
- Roles - The user's Role may be changed.
Click Save when finished.
Deleting user accounts
This action can only be performed by users with Administrator access.
- On the User Management page, click Delete in the row of the user account that you want to permanently remove. When prompted, confirm the deletion.
User roles and permissions
There are three user roles that can be assigned to users in your Mindful Callback Organization. Each role is assigned different permissions and can access different parts of the system to view information or change configuration.
- Administrator: The Administrator role can view all screens and update the majority of configurable settings on the platform. Administrators do not have access to a few optional features on the Global Settings and Call Targets screens. This role should be assigned to those responsible for maintaining and configuring your Callback system.
- Manager: The Manager role has nearly the same level of access as the Administrator, but Managers have access to fewer features on the Global Settings screen. This role should be assigned to those responsible for managing teams.
- Viewer: The Viewer role can view all call data and reporting features, with the exception of audit reports. Viewers can view Call Target Phone Numbers. However, Viewers cannot make changes on any screens. This role should be assigned to those who need access to callback information and reporting data, but who are not responsible for configuring the system or managing users.
Roles and permissions table
Administrator | Manager | Viewer | |
---|---|---|---|
Callback Status | All | All | All |
Call Detail | All | All | All |
Insights | All | All | All |
Reports | All | All | All except for Audit reports |
Handoff | All | All | View only |
Global Settings | Most settings (some are reserved for Mindful staff) | Some settings (no Messaging) | None |
Call Targets | Most settings (some are reserved for Mindful staff) | Most settings (some are reserved for Mindful staff) | None |
Smart Rules | All (if enabled by Mindful staff) | All (if enabled by Mindful staff) | None |
Business Units | All | None | None |
Media Sets | All | All | None |
Phone Numbers | All | All | View only |
Scheduler | All | All | None |
Datastore | All | Agent role - Can lookup Data Sets by contact number only | |
Organization | All | Can read and edit users and roles, but cannot add or delete | View Only |
Alerts | All | All | View Only - cannot acknowledge/clear alerts |
User profile | All | All | All |
Authentication Security
Several security measures are in place to restrict abnormal attempts to access the platform:
- Passwords are masked in the UI on the login page and user account page.
- Users are automatically logged out after 15 minutes of inactivity.
The following actions will cause a user account to be locked out for 30 minutes:
- Three failed login attempts are made within 15 minutes.
- A new attempted login occurs within three seconds of the last failed attempt.
Note that the count of login attempts does not reset based on a timer. Rather, it only resets upon a successful login, regardless of how much time has passed. Also, there is no way to lift the 30-minute lock-out period. After being locked out, a user must wait 30 minutes before attempting to log in again.