- 08 Nov 2024
- 5 Minutes to read
- DarkLight
- PDF
Managing Roles
- Updated on 08 Nov 2024
- 5 Minutes to read
- DarkLight
- PDF
The Roles page enables you to create and manage the roles associated with your account. This functionality is available to Admins (or to any role that has the appropriate permissions).
A Role consists of a set of permissions. Once a role created, it can be assigned to individual users, enabling them to access the OneSpan Sign functionality they need.
If you are looking to migrate the roles and permissions that you defined in your Sandbox account to your Production account, OneSpan Sign has created a small Java application that can do this for you. For more information, see our Roles and Permissions Copy Tool.
To access the Roles page:
Click Admin > Roles.
The Roles page displays the following columns:
Role Name: Displays a list of all roles associated with the account.
Description: Provides a brief description of each role.
Status: Displays the role's current account status, such as Enabled or Disabled. A role that is disabled cannot be added to a user.
You can perform the following actions from the Roles page. Note that some of these actions can be performed only on the roles that you added to the account.
OneSpan Sign supports several predefined roles that cannot be modified or deleted (Manager, Admin, Sender, Notary). It also supports an unlimited number of customized roles. On the Roles page: (1) a globe icon appears next to a global role; (2) a globe icon with a superimposed lock appears next to a predefined role; (3) no icon appears next to a customized local role.
If Enterprise Administration has been enabled for your account a Manager will not be able to assign a delegate for any of their senders.
Searching for a Role
To search for a role associated with your account:
Type the name of the role in the Search box, and click Return. As you type, the list of roles will filter to those that match your search term.
Adding a Role to Your Account
To add a new role to your account:
Click Add, and type the role's name and description. You can also specify if the role is to be immediately enabled.
Click Add Permissions. A list of all possible permissions appears.
Select all the permissions you wish to add to the role. For more about permissions, see Permission Descriptions.
Click Add.
Click Save.
Permission Descriptions
The following permissions can be applied to roles to provide access to various features within your account.
To see which permissions have been assigned to a particular role, select the role. A Role Details pane will provide additional information about the role, including a list of all its permissions.
Not All Features Apply
The permissions visible to you reflect the features enabled for your account. Some of the permissions listed here may not be available for you to select.
No user can change their own permissions.
Available Permissions
Permission | Permission ID | Description |
---|---|---|
Sender Admin Permissions | ||
sender_admin.custom_fields | This permission enables a Sender to create and manage Custom Fields. | |
sender_admin.users | This permission enables a Sender to manage the users associated with their account. | |
sender_admin.subscription | This permission enables a Sender to view the Subscription page, which contains billing details for their account. | |
sender_admin.api_access | This permission enables a Sender to allow customers to communicate with OneSpan Sign from within their own system via REST API calls. | |
sender_admin.event_notification | This permission enables a Sender to view their account's Event Notifications interface. Integrators can use this interface to request an automatic notification of events that concern the account. | |
sender_admin.data_management | This permission enables a Sender to specify how long transactions in various states will be retained on a OneSpan Sign server. | |
sender_admin.customization | This permission enables a Sender to re-brand the Signer Experience in several powerful ways. | |
sender_admin.notary | This permission enables a Sender to enable the IPEN feature on a notary’s account. This feature enables the notary to e-sign and notarize documents in a “notarized transaction”. | |
sender_admin.security_settings | This permission enables a Sender to specify a password policy for their account. | |
sender_admin.self_serve_account_settings | This permission enables a sender to access the Account Configuration page. | |
sender_admin.reports | This permission enables a Sender to view the Reports menu in the Navigation Bar, and thus access reports about their account. | |
sender_admin.role | This permission enables a Sender to manage the roles associated with their account. | |
Group Permissions | ||
groups.group_signing_management | This permission enables an Account Owner or Manager to manage Groups on their account (Sender UI Email Groups). | |
Template and Layout Permissions | ||
Template | templates_layouts.templates | This permission allows administrators to add template access permissions to a role. For example, from the OneSpan Sign UI admins can now configure a role so that a user can see the Templates menu, and from there create, update, and delete templates. Integrators using our APIs can define whether a user can create, edit, or delete templates. |
templates_layouts.share_templates | This permission enables a Sender to make their templates available to other users on their account. | |
| This permission enables a Sender with this permission enabled for their role to create a layout from a transaction they are creating. Note that this permission will override any configurations made in the Designer, meaning that if, for example, a user does not have the Save Layout permission enabled for their role they will not be able to save layouts, even if the Designer has been configured to allow that. | |
templates_layouts.share_layouts | This permission enables a Sender to make their layouts available to other users on their account. | |
| This permission enables a Sender with this permission enabled for their role to apply a layout from a transaction they are creating. Note that this permission will override any configurations made in the Designer, meaning that if, for example, a user does not have the Apply Layout permission enabled for their role they will not be able to apply layouts, even if the Designer has been configured to allow that. | |
Transaction Permissions | ||
transaction.transaction | This permission enables a sender to create, view and edit transactions. | |
transaction.transaction_from_scratch | This permission enables a sender to create, view, and edit transactions. This permission does not automatically give the sender the permission to create a transaction from a template. | |
transaction.transaction_from_template | This permission enables a sender to create, view, and edit a transaction using templates. This permission does not automatically give the sender permission to create a transaction on their own. | |
transaction.in_person | This permission enables a Sender to use the In-Person signing feature on a transaction. | |
transaction.change_signer | This permission enables a signer to delegate their signing responsibilities to another person. | |
transaction.delegation_visibility | This permission enables a delegate to see all the transactions on the account they have been delegated to manage. |
Enabling, Disabling, or Deleting a Role
To temporarily disable a role that has been added to an account, check the box beside it, and then click Disable.
To re-enable a disabled role, check the box beside it, and then click Enable.
To permanently delete a role from an account, check the box beside it, and then click Delete.