These are roles that are predefined with respective permissions to allow users to start interacting with the system depending on the privileges they are granted by their organization.
- 5 of these roles are the same roles existing users of the Ecosystem Application are already assigned to ensure no disruption in their current experience. The change is that now platform admins will be empowered to granular permissions.
- 2 roles are introduced for Role Center to replace the User role eventually
What are the Ecosystem Application’s modules that can currently be managed in Role Center?
To give you more precise control over user access, we are upgrading our platform to a new system of granular permissions, managed in the Role Center. This upgrade is being rolled out in phases, module by module. During this transition, you will see two types of permissions for our pre-built roles:
- Fully Manageable: These permissions are for modules that have been fully upgraded. As an admin, you have complete control to add or remove these permissions from a role.
- Read-Only (Legacy): These permissions are for modules that have not yet been upgraded to the new system.
They are displayed to show you the capabilities that are still tied to the original roles, ensuring users have the same access they had before this update. You cannot edit them yet, but they will become fully manageable as we upgrade each module in future releases. The table below shows the current status of each module's permissions in the Role Center.
We will notify you as more modules become fully manageable in upcoming releases.
What are the default permissions for each module in the Ecosystem Application for each pre-built role?
See below page for the list of default permissions for the Ecosystem Application for all pre-built roles. Default Permissions for Ecosystem Application for each Pre-Built Role
What are the default permissions for each module in the Ecosystem Application for a new custom role?
New custom roles in the Ecosystem Application are assigned the minimum necessary permissions by default. Administrators can then grant additional permissions as required.
See below default permissions:
Will there be new types of Pre-Built Roles in the future?
Yes. As more Sprout applications are integrated into Role Center, we anticipate introducing different kinds of pre-built roles specifically tailored to manage access for those new applications and their unique functions with their own default permissions for those pre-built roles. These new roles will further enhance the flexibility and efficiency of access management within the Role Center ecosystem. Details on any new roles will be communicated as they are introduced.
What is a User Type?
A way to define a user and limit key capabilities at the user-level. Associated with a role. Allows certain user types to be assigned a role. In the Ecosystem Application, there are 2 types of user types:
What are the User Type/s associated for each Pre-Built Role?
A role can be of Employee and Guest type, if this is the case, it means the role and the permissions granted to it is applicable to both the employee users and guest users. Below are the user types for each pre-built role:
Why can’t I edit any permissions for other Ecosystem Modules (under the General menu option in the left-side navigation panel in “Set Permissions” section) that are not User Management or App Management?
Currently, only those 2 modules are supported for managing granular permissions. Stay tuned for new updates to Role Center as we continue to improve your access management experience.
Why are there still users left unassigned when they were part of my selection in assigning a role?
This is a known limitation and will be addressed in later versions of Role Center. For now, you may reselect the same users that were left unassigned and assign them again.
I don’t see other Sprout products and features available to manage in Role Center. Will they be part of this feature in future versions?
Yes. For Sprout HR, some features (like the Employee Hub) that have their permissions managed in Role Center might not be enabled for your organization. However other Sprout HR features and other Sprout Products (like Sprout Payroll) will have their access managed here in the future to complete the simplified experience of managing access across your applications.
The User role is applicable to both Employee and Guest user types. Does this mean guests can also see widgets and other features allowed for employees with the same role?
No. Guest users will still only have the same limited experience as what they are currently allowed.
The permissions checked but not editable in the details page of the User role is a known limitation in the initial version to ensure no disruption in experience is felt by users previously assigned with that role.
Why are there an Employee and Guest pre-built role?
These 2 roles are meant to be the successor the original “User” role where the permissions are split between the 2 roles based on the user’s User Type. However due to a key dependency of another Sprout product to the “User” role, current users assigned this old role cannot be re-assigned to the new “Employee” and “Guest” role. You may continue to customize the permissions for these roles as you see fit and assign to the users needing the permissions you’ve set.
As new enhancements come to the Role Center, stay tuned for announcements on an improved experience in the future of having users with the Employee and Guest user type automatically assigned to the respective pre-built roles based on their user type with the appropriate permissions.
Can a user be assigned multiple roles?
Yes. Assigning multiple roles to a user means the only the uniquepermissions set for each role are inherited by the user thus allowing the admin to limit introducing new roles and only creating standard roles that can be assigned for different needs of their users.
Why can’t I delete a role?
This capability is a current limitation and any clean up of the roles must be requested to our Support team. This capability is being explored as a later enhancement for Role Center.
How can I get an audit trail of my changes to role details, user assignments, and permission changes?
Currently, direct export of the audit trail is under development. In the meantime, you can request a copy by submitting a Change Request Form (CRF) to Sprout. Our team will generate the report for you. Data is available for up to one (1) year.
Want real-time responses? Explore Sprout Info, your 24/7 guide for product inquiries!