Skip to main content

Configure Engage

Your Engage environment has a configuration area where some parts of the initial setup of Engage can be done. Only users belonging to the "Configurator" permission group can access it.

About permission groups

Every Engage user belongs to a permission group. A permission group is basically a list of things that the users in it are allowed to do in Engage, and more importantly not allowed to do.

Permission groups exist to be sure that Engage users only do what they are supposed to. For example, if a user is only supposed to edit and send emails, we want to be sure they don't accidentally delete an automation, or make other damaging changes. Permission groups allows the Engage customer to grant access rights to only those who need them, and maintain security in their Engage environment.

A restricted permission group is a group that the people who normally have the rights to administrate users (such as those in the "Administrate user" permission group) cannot add other users to. This is to prevent users being able to “level themselves up” and gain access they should not have.

A permission group is made restricted in the Engage back-end (using the toggle "Is a restricted permission group"). There is another setting which allows users of a specific group to add users to any group that is set as restricted. This permission group setting is "Can set restricted permission groups on users".

Recommendations for permission groups

There should be one user who is responsible for the Engage setup and the placing of other users into permission groups. This user can be given the "Configurator" permission group. For configurators, all the permissions they will need are already toggled on by default whenever a tenant is created.

If a customer needs another permission layer (for example, a user who only needs access to specific parts of the Configure Engage area) you can create a new permission group granting permissions to those areas only. Activate the setting "Is a restricted permission group" for this group to prevent standard administrators from assigning this permission group to another user.

Caution

Do not set "Administrator" as a restricted group since all API users created in Configure Engage are given this group by default. If Administrator is a restricted group, then only other users with "Can set restricted permission groups on users" can see these API users.