Security attributes allow you to restrict user access to multiple objects based on certain criteria. Security attributes are custom-created. You must request them from our team. Security attributes are associated with users. Thus, the system compares the attributes of the person who created an object with those of the user who wants to use this object to validate access. These attributes can be used in permission groups as criteria that must be met for a user to have permission for the modules linked to this permission group. Ideally, attributes should be well defined from the beginning when setting up your account.
Assigning Security Attributes to a User
When creating a user, you must specify the attribute and enter a value if required. Once added, you can see the attribute in the user's contact profile.
Most commonly used examples:
- Store name
- Store code
- Department
- Region
When a contact is associated with a central office or region AND its store or local entity, they see everything done by users with either attribute. This validates that the user matches the permissions for that store.
When a user creates an object, that object inherits the user's attributes. Therefore, when a user with attribute X creates a message, that message will inherit attribute X. Users must have attribute X to use that message.
Objects supported by the Security Attributes
Here is a non-exhaustive list of what can be controlled by the security attributes:
- Messages
- Groups
- Automated campaigns
- Sendings (batches)
- Emails
- SMS
- Messages statistics