Understand permission sets
Last Update: Oct 2024 • Est. Read Time: 2 MINIn their simplest form, permission sets define what users or teams can see and do within the platform. With permission sets, you can grant users access to data and actions within Kustomer on an object level. Kustomer supports two object types: standard and custom (KObjects).
Standard objects come pre-installed and are considered to be common objects that exist across every organization, and are defined as Company, Customer, and Conversation. KObjects, on the other hand, are objects that are specific to your organization. Applying a permission set to a user or team can prevent them from editing or deleting anything in an object, such as a customer’s name, or from even seeing the customer at all. Since platform data and actions can only be accessed via a permission set, implementing them helps your organization protect its data and offer better security by allowing you to give users and teams specific system access to only what you want them to see, ensuring that they don’t mistakenly get access to sensitive data.
Kustomer permission sets are fully customizable and provide a variety of settings you can choose from to give users the exact access you want them to have. Permission sets make it simple to manage access settings for a group of users at once, removing the need to define permission settings individually.
Who can access this feature? | |
User types | Admins can access the Permission sets page. |
In this article:
Multiple permission sets
Permission sets are additive, meaning users and teams can be assigned multiple permission sets within Kustomer, granting them access to different objects and areas of the platform. Due to this, it is important to understand that when a user or team is assigned multiple permission sets, Kustomer will grant all allowed access, even if the permission sets conflict.
For example, let’s say you assign two permission sets to a user in your organization named Bob. If permission set 1 grants access to conversations, and permission set 2 prohibits access to them, Bob is still granted access to conversations.
Let’s expand on this concept further. Bob is assigned Permission Set A and B and each permission set allows the following access to customers based on their tier.
Basic customers | Standard customers | VIP customers | |
Permission Set A | View & Create | View & Create | View & Create |
Permission Set B | View & Create & Update | View & Create & Update |
In this scenario, Bob cannot update Basic customers. His access allows him to:
- View customers in all three tiers.
- Create customers in any tier.
- Update both Standard and VIP customers, such as their name or email address.
Default permission sets
We recommend you get started by duplicating one of the permissions defined below, and then customizing it to best fit your needs. For more information, see this article.
Duplicate permission sets
You can duplicate a permission set by selecting the icon next to it. The corresponding access settings for that permission set will be automatically enabled. You can then customize the level of access you want to grant your user.