Learn about our newest features and enhancements!
Configuration: User Role Permission Levels
Authored by:
on 10/30/2024 1:52:00 PM

Introduction

Configuring user role permission levels is an important step when setting up your organization’s account. Permissions define the actions that users can perform when interacting with your CharityEngine account. While CharityEngine supports out of the box access roles, there is also capability for any customization that may be required specific to your organization and your business needs. 

Table of Contents

Prerequisites

  1.  Consider the tasks and day to day activity of your staff and volunteers and consider the interactions and needs by each application within CharityEngine
    1. Note: There are over 600 permissions, so outlining and mapping a basic CharityEngine features/functions will create an easier assessment of read/write/delete access

  2. Note: One benefit of using Out of the Box user roles (vs. custom roles), is that when new features are added to CharityEngine, the roles will automatically update, and users will be able to see the features. For example, a Super User has complete access to the entire system, including new features, however if a custom role is created, they will not automatically be able to view the feature without managing the role.

Reference - User Roles: Out of the Box

User Role Name Overview Access Level
Basic User Provides read only access throughout the CharityEngine applications Read
Accountant Provides read only access throughout the CharityEngine applications; ability to access limited transaction reports regarding payment and transaction summary. Read
Webmail Provides read & write access throughout the ChairtyEngine applications; limited ability to delete Read & Write
Super User Provide comprehensive read, write, delete access of all available applications within CharityEngine (full access) Read, Write, & Delete - Maximum access across all applications

User roles can be located by navigating to the Configuration App > Users & Roles > User Access Roles > Filter: System

Note: These roles cannot be modified. If you wish to replicate as a baseline, please leverage the Duplicate option from ACTIONS

Note: One benefit of using Out of the Box user roles (vs. custom roles), is that when new features are added to CharityEngine, the roles will automatically update, and users will be able to see the features. For example, a Super User has complete access to the entire system, including new features, however if a custom role is created, they will not automatically be able to view the feature without managing the role.

Instructions: Creating Custom Roles

Custom roles can be created to customize the access that users have. For example, if you have user who only enters transaction and contact data, you can create a custom Data Entry User role and only select transaction and contact permissions.

Note: One benefit of using Out of the Box user roles (vs. custom roles), is that when new features are added to CharityEngine, the roles will automatically update, and users will be able to see the features. For example, a Super User has complete access to the entire system, including new features, however if a custom role is created, they will not automatically be able to view the feature without managing the role.

Step 1: To create a custom role, navigate to the Configuration App > Users & Roles > User Access Roles > Create New

Step 2: Enter Role Name (required) and description (optional)

Step 3: Navigate to the Permissions and Active Users tab
Step 4: Use the drop down to Select an Option and expose the option to assign Read, Change, Delete, or Include Children. Then click ASSIGN to add.
Step 5: If you have existing permissions you which to modify, navigate to ACTIONS and hover over the ellipse to Manage or Delete. Be sure to click SAVE to secure your changes.
Step 6: Once the roles have been created, you will be able to assign roles to the contacts. Navigate to the Active Users tab and select Add New to add a user to the role. 
Step 7: If the user account has already been created and the roles need to be updated, navigate to the Configuration App > Users & Roles > User Accounts > locate the user > ACTIONS: Manage > Roles & Access tab > Roles > Select role from drop down > ASSIGN > SAVE


FAQs & Other Materials

Q. Can a user have multiple roles?
A. Yes - Roles can be stacked on a user profile, meaning they can have multiple user access roles. Please note, if you decide to stack user roles with conflicting access, the least access will be defaulted. (i.e. providing 'Accountant' and 'Super User' roles will limit the user to 'Accountant' level permissions and will restrict the user from write/delete capabilities.)
Q. What are the benefit of using the out of box user roles?
A. One benefit of using Out of the Box user roles (vs. custom roles), is that when new features are added to CharityEngine, the roles will automatically update, and users will be able to see the features. For example, a Super User has complete access to the entire system, including new features, however if a custom role is created, they will not automatically be able to view the feature without managing the role.
Q. What is the best practice for assigning user roles?
A. For best practices, there should be different levels of user roles and these roles need to reflect the needs of the organization. For example, Super user that has access to everything, a Standard user that has less access to than the super user, and a basic user, that has minimal access. The roles can also be created for each department of the organization, for example Accounting, Event Management, and Major Gift Officers could all have different user roles that allows access to different parts of the CharityEngine.
Q. How do I read and interpret the access?
A. Typically, the access is identified by the Application Name followed by the Application Feature (or submenu) - which is replicated within the menu structure within each application. 


Related Articles

Powered by Powered By CharityEngine