Standard Roles

   Journey Manager (JM) Previously known as Transact Manager (TM).  |    System Manager / DevOps  |  v5.1 & Higher This feature is related to v5.1 and higher.

Manager provides roles and permissions to control user access to form spaces and modules. You can use this functionality to grant users specific access that matches the functions they are permitted to perform within each space or module. Manager checks what privileges a user has when logged into a form space or module. The roles granted to a user determine these privileges and controls what they can see and do within that space or module.

Before either adding extra roles or granting roles to your users, it is important to understand the following concepts:

  • A user, via their user account, can be granted one or more roles.
  • A role sanctions a group of permissions related to a function that is to be performed within a space or module. That is, a role is a group of permissions that is relevant only to the intended space or module.
  • Each space or module will have a list of valid permissions available to assign to a role. That is, the role may only grant the types of access relevant to that space or module.
  • Each role is mostly for one space or module but can be for more than one.
  • Each permission is normally for one space or module but can be for more than one.

The diagram below depicts the conceptual data model for users logging into spaces or modules and their required roles and permissions.

Out of the box, Manager comes with the standard set of roles. Each role is already configured with its permissions for each standard form space and module. It is possible to alter the standard roles as well as add new ones. However, it is recommended to preserve the standard set and, only when essential, add new roles. It is also important to understand what privileges each of the roles provide before assigning them to your users.

Manager has the following standard roles:

Role Description

Administrator

This is the most privileged role. There should be minimal need to use this role once the system has been installed, especially not in Production. The exception would be for the duration needed to perform a deployment where organizational or user roles need to be altered or imported. Regular form upgrades can be done with the System Manager role.

Avoka Exchange

Allows a user to review and install Avoka Exchange Components.

Developer

This is a role for users who will develop and manage applications. This role is identical to the System Manager role but has been retained for historical reasons. The Developer role should not be used on Production. System configuration and installation in Production can be achieved using the System Manager role.

Maestro Administrator

Allows a user to use the developer functions, plus create and delete projects, import and export files and libraries.

Maestro Developer

Allows a user to use most of the functions. This is the default access.

Maestro SCM Design

Allows a user to use Maestro SCM on Designs.

Maestro SCM Org Library

Allows a user to use Maestro SCM on Organization Libraries.

Maestro SCM Project

Allows a user to use Maestro SCM on Projects.

Maestro Site Administrator

Allows a user to administer the Maestro Instance at a global level.

Maguire Staff

Allows a user to use Works Space form space.

Manager

This is a role for users who will perform operations monitoring and management of submission transactions and collaboration jobs. This role also has limited access to customer submission data, such as receipts. Allows a user to operate a product as a Manager.

Operations

Allows a user to monitor and manage form transactions

Organization Administrator

Allows a user to test Users and Permissions.

Organization User Manager

This Allows a user to manage user accounts for their organization.

REST Delivery

Allows a user to perform submission delivery by invoking REST Delivery Service.

Security Manager Role

Allows a user to test Security Manager Permission.

Service Test Administrator

Allows a user to test Users and Permission service Definition.

System Manager

This is a role for users who are almost as privileged as an administrator, except they cannot view submission data or create users and roles. This role should only be used where extensive system access is required.

System Support

This is a role for users to be able to do basic troubleshooting and triage of issues. This is the least privileged role in Manager.

Test Role

Allows a user to run test cases.

Transact Insights

Allows a user to use Journey Analytics.

Transact Insights Administrator

Allows a user to change global settings for Journey Analytics.

Transaction Data Access

This is a role for users to be able to view the form submission XML and receipt data. This is sensitive personal data that needs to be protected, as it allows a user to access private customer form transaction data.

Work Space Staff

For business Work Space users

WorkSpaces Staff

For business Workspaces users.

WorkSpaces Api Test Role

Allows a user to test Workspaces API Test.

The roles depend on the functions that each team member performs. The following table is an example of how your team can be set up with specific roles:

Teams Development UAT Staging Production

Implementation

Form Builder

System Manager. Transaction Data Access

System Manager. Transaction Data Access

No Access

No Access

Manager Developer

Tech Lead

Administrator

Administrator

Administrator

Transaction Data Access

No Access

Manager Tester

Operations

Operations

Operations

Operations

Operations

System Administrator

Administrator

Administrator

Administrator

System Manager. Organization User Manager

Form User Support Operations

Operations. System Manager

Operations. System Manager

Operations. System Manager

Operations. System Manager

Temenos Teams

Support Engineers. Tech Lead

Administrator

Administrator

System Manager

System Operator

Development Teams

Developer

Developer

No Access

No Access

Next, learn about permissions.