Genesys Cloud - Main

Hello! The long and short of it is I have a data table that I want supervisors to be able to modify. I don't want supervisors to be able to modify ANY OTHER data table besides the one I have in mind. Is there any way I could do this?

I was considering the idea of making a new division and putting that data table in that new division, then making a user that has access to that division and tell Supervisors to log in as that user when they need to make modifications to the table but I don't know if that is viable, or if there are better ways to accomplish what I desire. I am particularly cautious about testing such because I was told during our setup that creating divisions could be dangerous.

Any assistance/guidance is appreciated.
#ArchitectureandDesign
#SystemAdministration
#Unsure/Other

------------------------------
Nathan McKay
Insite Support Services, Inc.
------------------------------

That is pretty much exactly what divisions are for. You don't need to create an additional user. You would create a Role with the desired permissions to access Data Tables. Then you give their user the role for the division. The User can be in any division.

Another approach (particularly if you want more control over the table's contents, or want to give your users a "pretty" interface, or want a separate audit trail) would be to write a small application that updates the table via the API. That way you have total control.

I'd be curious to know who told you divisions could be dangerous, what the danger is and why?

------------------------------
Paul Simpson
Eventus Solutions Group
------------------------------

Original Message:
Sent: 11-08-2022 19:32
From: Nathan McKay
Subject: Controlling access to a datatable

Hello! The long and short of it is I have a data table that I want supervisors to be able to modify. I don't want supervisors to be able to modify ANY OTHER data table besides the one I have in mind. Is there any way I could do this?

I was considering the idea of making a new division and putting that data table in that new division, then making a user that has access to that division and tell Supervisors to log in as that user when they need to make modifications to the table but I don't know if that is viable, or if there are better ways to accomplish what I desire. I am particularly cautious about testing such because I was told during our setup that creating divisions could be dangerous.

Any assistance/guidance is appreciated.
#ArchitectureandDesign
#SystemAdministration
#Unsure/Other

------------------------------
Nathan McKay
Insite Support Services, Inc.
------------------------------

I agree.  Divisions can be used for just one object type like data tables or flows where you only want to give certain permissions and access to a subset of individuals.  There is no real limit on the number of roles, so splitting up permissions and divisions among them is an easy way to segment access.  Paul's idea of an API app would keep them out of Admin altogether - which is what you might like as well.

------------------------------
Robert Wakefield-Carl
Avtex Solutions, LLC
Contact Center Innovation Architect
https://www.Avtex.com
https://RobertWC.Blogspot.com
------------------------------

Original Message:
Sent: 11-08-2022 20:01
From: Paul Simpson
Subject: Controlling access to a datatable

That is pretty much exactly what divisions are for. You don't need to create an additional user. You would create a Role with the desired permissions to access Data Tables. Then you give their user the role for the division. The User can be in any division.

Another approach (particularly if you want more control over the table's contents, or want to give your users a "pretty" interface, or want a separate audit trail) would be to write a small application that updates the table via the API. That way you have total control.

I'd be curious to know who told you divisions could be dangerous, what the danger is and why?

------------------------------
Paul Simpson
Eventus Solutions Group

Original Message:
Sent: 11-08-2022 19:32
From: Nathan McKay
Subject: Controlling access to a datatable

Hello! The long and short of it is I have a data table that I want supervisors to be able to modify. I don't want supervisors to be able to modify ANY OTHER data table besides the one I have in mind. Is there any way I could do this?

I was considering the idea of making a new division and putting that data table in that new division, then making a user that has access to that division and tell Supervisors to log in as that user when they need to make modifications to the table but I don't know if that is viable, or if there are better ways to accomplish what I desire. I am particularly cautious about testing such because I was told during our setup that creating divisions could be dangerous.

Any assistance/guidance is appreciated.
#ArchitectureandDesign
#SystemAdministration
#Unsure/Other

------------------------------
Nathan McKay
Insite Support Services, Inc.
------------------------------

I agree with the other responders. We use divisions to restrict access to data tables. This has worked perfectly for us. I did want to call out that an org appears to have a top limit of 50 divisions, so you can plan strategically if you're going to use divisions to solve this. 
https://help.mypurecloud.com/articles/divisions-overview/

Thanks,

------------------------------
Cory King
IT Lead
IGS Energy
------------------------------

Original Message:
Sent: 11-08-2022 19:32
From: Nathan McKay
Subject: Controlling access to a datatable

Hello! The long and short of it is I have a data table that I want supervisors to be able to modify. I don't want supervisors to be able to modify ANY OTHER data table besides the one I have in mind. Is there any way I could do this?

I was considering the idea of making a new division and putting that data table in that new division, then making a user that has access to that division and tell Supervisors to log in as that user when they need to make modifications to the table but I don't know if that is viable, or if there are better ways to accomplish what I desire. I am particularly cautious about testing such because I was told during our setup that creating divisions could be dangerous.

Any assistance/guidance is appreciated.
#ArchitectureandDesign
#SystemAdministration
#Unsure/Other

------------------------------
Nathan McKay
Insite Support Services, Inc.
------------------------------

Divisions - notably poorly designed or appropriated ones - might cause a bit of confusion but it should be easy to rectify. The concept of Access Control which Divisions play a major role in has a friendly overview article and quick start guide among other pieces of documentation. Hopefully this helps ease you in, Nathan. Also curious who told you that, but I reckon its not as dangerous as an agent (accidentally) given a Master Admin role. The horror.. =))

Paul, Robert, and Cory are all right on the money. Thank you, gentlemen!

------------------------------
Nico Feliciano
Genesys - Employees
------------------------------

Original Message:
Sent: 11-08-2022 19:32
From: Nathan McKay
Subject: Controlling access to a datatable

Hello! The long and short of it is I have a data table that I want supervisors to be able to modify. I don't want supervisors to be able to modify ANY OTHER data table besides the one I have in mind. Is there any way I could do this?

I was considering the idea of making a new division and putting that data table in that new division, then making a user that has access to that division and tell Supervisors to log in as that user when they need to make modifications to the table but I don't know if that is viable, or if there are better ways to accomplish what I desire. I am particularly cautious about testing such because I was told during our setup that creating divisions could be dangerous.

Any assistance/guidance is appreciated.
#ArchitectureandDesign
#SystemAdministration
#Unsure/Other

------------------------------
Nathan McKay
Insite Support Services, Inc.
------------------------------