A place to ask questions, connect with others, and stay in the know
In this video, @Shigeki Sahashi discusses a new feature "Attribute-based access control"
Administrators can now enforce more granular access control within Genesys Cloud using the new attribute-based access control (ABAC), in addition to the existing role-based access control (RBAC) by allowing administrators to define more specific permissions. Administrators can prevent certain users, such as supervisors, from granting themselves or others higher-level roles like master admin. In addition, administrators can now restrict users from changing certain profile fields, such as contact details, unless they have supervisor or admin permissions. This feature is useful for maintaining the integrity of contact center workflows and ensures that agents and other users cannot inadvertently alter critical data. ABAC also provides flexibility for future use cases, where administrators can apply custom access restrictions to meet their business or security needs.
Release notes: https://help.mypurecloud.com/releasenote/march-31-2025/
#TAMStudios #FeatureReview
#Implementation#Security#CommunityVideos(TAM,QA,etc.)
Hi Corey,Thank you so much for your valuable comment on the post. As announced, "ABAC will evolve over time as more attributes and targets are defined.", and its templates are currently limited to the existing two functions. Also, the resource of JSON manipulation may not be enough to answer your query.As per our PM's word, " ABAC is a framework that our service teams can utilise to deliver that additional granularity by specifying targets (API calls that we need to control/restrict) and by identifying and supplying the required attributes (pieces of data used for decision making purposes). The first step in that process is the identification of needs. What are those areas in the product where additional access controls are required? Those requests, which should be channelled through the Product Ideas page, will be directed to the appropriate service team for prioritisation and implementation. "I am certain that your idea would be beneficial to lots of Genesys users, and it would be recommended to raise an idea on the page, so it can be prioritised for further improvement.Again, thank you for being a part of our community.Have a wonderful weekend :) !!
This was very helpful. Thank you. To go along with this has anyone run across any use case scenario's or JSON manipulation talks? I'm looking to do something a little different where I limit access by all to assign default roles unless already assigned. The goal is to remove add/edit ability of roles so that we can limit changes we are currently seeing. This includes limiting certain admins from this ability.