When you create a new subscriber account in Personalization, in Configure > Teams & Permissions, Personalization creates four groups whose names are composed of your subscriber name followed by one of the names from the following list (for example, one of your groups may be named ExampleInc administrators):
- Administrators: Users have access to all available Personalization features, including managing users and group security.
- Users: Users can see people’s details and manage segments.
- API Users: Users have access to API functions, and are used for API authentication. A special permission group used specifically to deliver personalizations to anonymous website visitors.
- Full API Users: A set of master API keys used for connecting to the Rest APIs. While individual user administrative keys also have access, you may want a group of API keys not tied to a user in case the user leaves your organization and their account and keys are deprovisioned.
Creating a new security group
You may want to configure certain users’ permissions and access to subscriber accounts differently than the default. To do so, you can create a new security group. For example, you can create a Managers security group whose members can view people and run reports, but can’t create segments.
To add a new security group:
- Sign in to Personalization, and then click the Configure tab.
- Go to Teams & Permissions > Add new security group. Personalization displays the Security Group Details page.
- In the Name and Description fields, enter a name for the security group you want to create, and a brief explanation of its intended function.
- In the Linked Security Resources list, click an item you want to make available to the security group as a link. For example, clicking Manage Permissions Link displays a link that members of the security group can click to manage the permissions of all security groups. Clicking Admin Tab displays a link allowing users in the security group to access the Admin tab and its functions.
- Click Add to add the item to the list of linked security resources for the security group. Personalization displays the name of the item in a table.
- Depending on your needs, repeat steps 4 and 5 to add more linked security resources to the security group.
- In the Linked Customers list, click the name of a customer whose account you have permissions to access, and whose name you want to make available to the security group as a link. Making the subscriber available as a link means the members of the security group can access this subscriber’s account. Click Add to add the item to the table of linked customers for the security group.
- Depending on your needs, repeat step 7 to add more customer links to the security group.
- Click Save to create the new security group.
Managing security groups
To list and manage security groups:
- Sign in to Personalization, and then click the Configure tab.
- From the left menu, click the Teams & Permissions link. Personalization displays a list of security groups.
To edit a security group, click its name and change its values as required.
To delete a security group, find the security group you want to remove, and then click its Delete link.
Troubleshooting permission and access issues
If your users are having difficulty accessing sections of the website they should have permissions for, use the following two procedures to ensure the accounts are configured as expected.
Ensure API keys and credentials are valid in the subscriber account and region
If your Personalization user is configured for the wrong region, they can’t sign in.
Checking user permissions
If the account exists as expected in the system, but access still isn’t working, check the permission group associated with the account. Ensure it has the appropriate permission resources assigned.
- Sign in to Personalization, click Configure > Teams & Permissions.
- Click the permission group the user is in.
- Review the permissions, and add any needed assets.
- If the permissions look correct, re-save the permission group and then re-save the individual user account. The process will refresh the permissions in the system.
Managing permissions in Personalization
When you create a new subscriber account in Personalization, in Configure > Teams & Permissions, Personalization creates four groups whose names are composed of your subscriber name followed by one of the names from the following list (for example, one of your groups may be named ExampleInc administrators):
- Administrators: Users have access to all available Personalization features, including managing users and group security.
- Users: Users can see people’s details and manage segments.
- API Users: Users have access to API functions, and are used for API authentication. A special permission group used specifically to deliver personalizations to anonymous website visitors.
- Full API Users: A set of master API keys used for connecting to the Rest APIs. While individual user administrative keys also have access, you may want a group of API keys not tied to a user in case the user leaves your organization and their account and keys are deprovisioned.
Creating a new security group
You may want to configure certain users’ permissions and access to subscriber accounts differently than the default. To do so, you can create a new security group. For example, you can create a Managers security group whose members can view people and run reports, but can’t create segments.
To add a new security group:
- Sign in to Personalization, and then click the Configure tab.
- Go to Teams & Permissions > Add new security group. Personalization displays the Security Group Details page.
- In the Name and Description fields, enter a name for the security group you want to create, and a brief explanation of its intended function.
- In the Linked Security Resources list, click an item you want to make available to the security group as a link. For example, clicking Manage Permissions Link displays a link that members of the security group can click to manage the permissions of all security groups. Clicking Admin Tab displays a link allowing users in the security group to access the Admin tab and its functions.
- Click Add to add the item to the list of linked security resources for the security group. Personalization displays the name of the item in a table.
- Depending on your needs, repeat steps 4 and 5 to add more linked security resources to the security group.
- In the Linked Customers list, click the name of a customer whose account you have permissions to access, and whose name you want to make available to the security group as a link. Making the subscriber available as a link means the members of the security group can access this subscriber’s account. Click Add to add the item to the table of linked customers for the security group.
- Depending on your needs, repeat step 7 to add more customer links to the security group.
- Click Save to create the new security group.
Managing security groups
To list and manage security groups:
- Sign in to Personalization, and then click the Configure tab.
- From the left menu, click the Teams & Permissions link. Personalization displays a list of security groups.
To edit a security group, click its name and change its values as required.
To delete a security group, find the security group you want to remove, and then click its Delete link.
Troubleshooting permission and access issues
If your users are having difficulty accessing sections of the website they should have permissions for, use the following two procedures to ensure the accounts are configured as expected.
Ensure API keys and credentials are valid in the subscriber account and region
If your Personalization user is configured for the wrong region, they can’t sign in.
Checking user permissions
If the account exists as expected in the system, but access still isn’t working, check the permission group associated with the account. Ensure it has the appropriate permission resources assigned.
- Sign in to Personalization, click Configure > Teams & Permissions.
- Click the permission group the user is in.
- Review the permissions, and add any needed assets.
- If the permissions look correct, re-save the permission group and then re-save the individual user account. The process will refresh the permissions in the system.
Personalization