Use custom permission sets

Last Update: Oct 2024 • Est. Read Time: 3 MIN
To check plan availability, see the pricing page.

You can create custom permission sets within Kustomer that will allow you to assign access to key areas of the product to users and teams in your organization. 

For this article, we will create and assign a permission set that allows access to see and edit custom order information for a customer, but not delete it.

Who can access this feature?
User typesAdmins can access the Permission sets page.


In this article

Create a custom permission set

When creating a new permission set, you can start from either a blank or best practice template. We recommend using a best practice template, which comes preconfigured to allow access to areas in the platform that will users the most from Kustomer.

Note: Using the Best Practice Template will not grant access to objects.

To create a new permission set:

  1. Go to Settings and select Users > Permission Sets.
  2. Select Add Permission Set.
  3. Select Blank Template or Best Practice Template.
  4. Select Create Permission Set.
  5. Enter a name for the permission set. Optionally, enter a description.
  6. Determine the area of the product for which you are creating a permission Set. By default, access is denied to all objects and product areas until access is granted through a Permission Set, even if you selected to use the existing template. For this example, select Object Permissions.
  7. Select for the Customer object and specify the level of access you want to grant. Since we want users to have full access to this object, we will select All Access to Customers and then Read/View, Create, Update, and Delete.
  8. Optionally, select the Attribute Permissions tab to define the attributes that the user will be able to access. For more information, see Attribute level permissions.
  9. Select Save Changes.
  10. Since we defined the access level for Customer, which is a top-level object, confirm whether or not you want to apply the same access level to all lower-level objects. Since we do not want a user to have the ability to delete an order, select No, Don't Use Hierarchy.


    Note: If an attribute permission is changed to a permission set that differs from the object permissions, the attribute permission will be enforced for that attribute only. All object permissions will otherwise remain in place. 

  11. You can grant access to all KObjects or individually. For this example, select Configure Individual KObjects from the drop-down menu.
  12. Select for KObject Order and define the level of access for it. Since we do not want users to have the ability to delete an order, select All Access to Order and then Read/View, Create, and Update.
  13. Select Save Changes.

    Note: Your permission set has not been applied across the system yet. See Permission set processing time for more information.

  14. Your updates are shown on the Edit Permission Set page and clearly indicate what you did or didn’t provide access to within objects and product area.

To edit a permission set:

  1. Go to Settings and select Users > Permission Sets.
  2. Select the edit icon  for the permission set you want to change.
  3. Make your desired changes and select Save Changes.
    Your changes will take effect once the updates are applied throughout the system.

Change the default object hierarchy

Company and Customer are considered top-level objects that, by default, control the permissions of lower level objects. Whenever you change the granted permissions in either of them, you will be asked if you want to apply the same level of access to all lower-level objects.


If you do not want users to automatically have the same level of access in Conversations or KObjects that was granted in Customer, select No, Don't Use Hierarchy and then change the permission for either of these areas.

Note: You must define a permission for either the Company or Customer object and allow All Access to either in order to define a permission on Conversation or KObjects.

Permission set processing time

Once a permission set is created and saved, it will start to process so that all changes can take affect across the system. How long this takes is dependent on how much data is in your system. Processing occurs when creating or editing permission set. While the permission set is processing, you will see an alert that indicates that this process is currently underway. 

Once a permission set is done processing, you will receive a Kustomer notification and an email informing you that this is complete and that the permission set can be applied. To apply it, navigate to the permission set and select Apply Permission.

Then, select Yes, Apply to confirm the change.

All of your changes are now live within the system, and all users and teams that were assigned this permission set now have the access they were given. You have 24 hours to revert the permission set to its current state. You can do so by selecting Revert to previous version.

Once you apply the permission, you can assign it to a user or team.

Related articles: