Article contents:
Account general settings
Managing users and access permissions is available only to master-users.
Altcraft MP account master-users have access to Settings section of the main menu containing the following pages:
- Account settings - uncategorized account settings.
- Users - Altcraft account user profiles.
- Roles - user and API token access roles.
- Action hooks - exporting Altcraft events to external systems. .
- Tokens - access tokens for requesting Altcraft services via API.
- Sending policies - per recipient messaging restrictions.
- Virtual senders - grouping rules for platform's real senders - by access group, to or from domains.
- Custom links - custom redirects for unsubscribe and confirm links .
- Audit log - account activity log for security purposes.
Access groups
Access groups allow you to grant users and API tokens access to certain account objects (e.g. databases, segments, campaigns, templates) while restricting access to other objects. A group is basically a container with a set of objects. Thus a user, while working within an assigned container, cannot access objects from other containers.
Groups are when you need to organize separate workspaces for different departments of your company - within one account with shared statistics and supervisor access. Another situation is when you need a separate workspace for outsource specialists like email designers or data integrators.
If you need whole separate workspaces - with no shared statistics, data and supervision access - consider creating several platform accounts within one Altcraft instance. Accounts can use shared or individual resources and components. For all instance accounts a Global suppression list is maintained as a shared resource.
Main group
Main group is created by default - it contains all account objects, including those assigned to any other group. If you delete a custom group all its objects are not removed - but reassigned to Main group. If you don't need to divide your workspace - feel free to use Main group for all objects you create.
Master-users have full access to Main group with all permissions - no matter which groups and roles are assigned to them.
Create/assign groups
Groups are created and assigned dynamically, while editing any account object - in its General settings section. To assign an existing group, select it from the Set group dropdown. Message template is for example here:
To create a new group, simply enter its name into the same dropdown menu - and press Enter on your keyboard or Add %group_name% in the interface:
Any object created by a user will be assigned to the group, the user is currently working in.
Switch/delete groups
Groups, available to Altcraft users, are displayed in a dropdown menu in the top right corner of the application, next to profile avatar. A user can switch groups from any account object list.
A master-user can delete groups from the same dropdown menu.
Roles
A role defines which actions are permitted to a user or an API token within the assigned access groups. To manage roles in the main menu select Settings → Roles:
The list you will see contains the existing access roles. You can edit, clone or delete a role in a context menu on the right side of the list. To edit a role you can as well click on its name. To create a new role click + Create in page header.
Any role has 3 parameters:
- Role name. A master user can assign roles to users by their unique names.
- Groups where the role permissions are applied.
- Permitted actions with account objects.
If Main group is selected in a role, role permissions will be applied to all account objects. Master-users are not affected by group and role restrictions.
You can set Object view and Create & edit permissions for any object of the account. For databases, segments, suppression lists and resources Read & download permissions are available - to export and download data.
A role without Activate access in Message templates access section will allow users only to save message templates as drafts which are subject to further moderation in order to be used in campaigns. Such restrictions work well for say outsource email template developers.
For Campaigns and Workflows you can restrict Activate option - users with such roles won't be able to launch campaigns and automation workflows. Another user with moderator rights can then check and activate them. All the available access permissions are displayed below:
User profiles
Managing Altcraft user profiles is available both in User interface and in Administrative panel. This article contains information about the User interface procedure. To manage user accounts in the main menu select Settings → Users:
The list you will see contains the existing account users. You can edit or remove a user in a context menu on the right side of the list. To edit a user you can as well click on the record's name. To create a new user click + Create in page header.
General settings
In user General settings section specify the following data:
- Username - a unique name to be used in login credentials (username@accountname).
- First name - user's first name.
- Last name - user's last name.
- Contact email - email address for login credentials.
- Interface language - select between English and Russian.
- Date and time formats - set the preferred date and time display formats.
In case authorization is configured via LDAP using your company's directory service - this directory service login will be used together with Altcraft account name: user@company@account. The password is thus set within the directory service as well.
Password and authorization
In Security section you can set and change user's password. When you set a new password you can send new credentials to user's contact email - select Send access information to user option and save changes.
This section will also keep information about the user's latest login - time and IP address.
In case LDAP only is specified for the account in LDAP access settings, managing passwords from User interface loses power.
Access to account objects
In Access section you can configure which actions in which object groups users are permitted to perform:
- Master user - such users will have unlimited access to all account objects (Main group) with no role restrictions. Settings section of the main menu is available for master users - they can manage other user profiles, groups and roles.
- Active user - this option activates the user profile.
- Assigned roles - access roles, defining user permissions.
- Assigned groups - account object groups.
The diagram on the right displays how user groups and roles work together once assigned:
If a role does not work with a group, assigned to a user - adding this role will cause no effect, as user won't have action permissions for this group - even to view objects.
If a role works with a group that is unavailable for a user - it will remain unavailable.
API tokens
API tokens are used for accessing certain platform functions via API. A master user can view, create, edit or delete tokens in Settings → Tokens:
The list you will see contains the existing API tokens. You can edit or remove a token in a context menu on the right side of the list. To edit a token you can as well click on the record's name. To create a new API token click + Create in page header.
For a new token choose a unique name - or leave a system-generated name be. The token itself will get available after you save changes. Token access settings are pretty much the same as user profile settings: assign the necessary groups and roles to a token as you would to a live user.
A token with Main group assigned can access objects from any other group as well.
