(New) User Management
Overview
The User Management module streamlines the process of adding and managing users on the Capillary platform. Brands can manage all users within the organization and their permissions using this module.
The following actions can be performed:
- Add up to 10 users from the UI using individual email addresses
- Add or update up to 50 users via bulk upload
- View or search the user listing with important details
- Export the users' list
- Remove one or more users from the organization
- Support for different types of users: Standard, Admin, and Org Owner
- Predefined Standard Permission Sets for creating users
- List and create new Permission Sets with a categorized module-wise view
Note
If a user is created in the old flow, their user type won’t be mapped in the new UI; it will default to Standard User and needs to be updated explicitly.
Getting started
Prerequisites
- CAP POC: Ensure a CAP POC is set for the organization. Contact the Access team if it is not set. This is required to send an email for setting a password for the user.
- Roles Definition: Define the role of the organization. The roles below should be present in small cases.
Note: The case sensitivity in the org roles will be removed in future releases.- Org Level - Access to the entire organization-level data.
- Store Level - Access only to store-level data
- Zone Level - Access only to a zone level data
- Concept Level - Access only to concept-level data
Accessing the portal
The portal is currently available only for internal users. Contact the Access team or your CSR for access information.
Terms and definitions
The below table lists the terms and definitions used in this documentation.
Term | Definition |
---|---|
User | A user is anyone with access to the Capillary platform, capable of taking actions across various modules including Loyalty, Member Care, Engage+, and more. |
User types | A user type refers to a predefined set of permissions and access rights assigned to a user within an organisation's system or platform. For more information, refer to the section User Types. |
Accessible Entities / Resources | Accessible entities, also known as resources, specify the subsets within an organisation that are accessible to the user. These entities include stores, organisational units (concepts), and zones |
Access team | The access team refers to the internal Capillary team managing users across every org on our platform. |
Permission | The permissions define what data and functionality a user can access within a system. RBAC (Role-Based Access Control) operates on the principle that users should have access only to resources necessary for their role (principle of least privilege). This ensures that users, like Customer Service Representatives (CSRs) using Member Care, have the specific permissions required—such as searching for a customer, viewing profiles, and modifying identifiers to perform their tasks effectively. Individual permissions cannot be assigned directly to a user without being part of a defined permissions set. |
Permission set | A permissions set, also known as a permissions bundle or access group within our framework, is a collection of permissions that can be assigned to a user. For instance, when configuring access for a CSR using Member Care, we aggregate relevant Member Care-related permissions into a set or group and assign it to the user. For more information, refer to the section Permission sets. |
User role | A user role is an assigned designation of the user provided when adding users in bulk. |
User types
Standard user
A Standard User is an individual with restricted access within the organisation. A standard user has the following limitations:
- Limited access to the organization and its subsets, including specific stores, concepts (org units), and zones.
- Can only view their own profile.
- Does not have access to manage other users or permissions.
- Access to permission sets must be assigned explicitly by an Org Owner or Admin User.
Admin user
Admin Users are explicitly created by organization owners to handle specific tasks and perform duties on their behalf. Admin Users have all the capabilities of Standard Users, with additional abilities to:
- Create, view, and delete Standard Users.
- Provide access permissions to Standard Users.
Org owner
An org owner will have full authority over an organisation and all the modules and can add other standard or org owner-type users. An organisation must have at least one org owner.
The org owners can perform the following:
- Create more Org owners if required.
- Create, View, Update, and Delete any users/permissions. By default, the org owner can access all Standard and custom permissions.
Permission sets
A permission set is a collection of permissions that can be either standard or custom, defined at an entity level. For example, if permission set X is assigned to User A with access to Stores 1, 2, and 3, then those permissions apply exclusively to those specified stores.
Standard permission sets
Standard permission sets are predefined in the system, designed with common module-related permissions in mind, and are available across all organizations.These sets cannot be deleted or modified by users. Any changes, such as introducing new permissions, can only be made by the Capillary technical team.
Custom permission set
Custom permission sets can be created by Org Owners, combining permissions from different modules to meet specific organizational needs. These custom sets are only available within the organization where they are created.
Org Owners have full control over custom permission sets, including the ability to update, delete, and modify them.
Creating permission sets
To create permission sets, perform the following:
- Click Create permission set.
- Enter the Permission set name and Description for the permission set.
- Select Start from scratch and click Next.
- Select the relevant modules and assign the permissions.
- Click Done. The new permission sets are created.
Viewing permission sets
You can navigate to User Management > Permission sets and view the available permission sets.
User onboarding
Using individual email addresses
This feature enables you to add users by entering their email IDs. All email addresses will receive the same level of permissions chosen in this process. A maximum of 10 emails can be added at once. For adding more users, the bulk user upload feature is available to create users in bulk efficiently.
Perform the following:
Admin access required
You need to have org access to add the users.
- Click Add new user.
- Select Add with email addresses and click Continue.
- Enter the email addresses one by one in this text box and click "enter" on your keyboard after typing each email. A maximum of 10 emails can be added.
- Select the User Type and click Continue. Please note that it is mandatory to assign a user type to each user.
- For Standard users - Select the entities to which you want to give access for those user(s) and click Continue. You can give access to the entire Organisation or certain Org units or Stores.
Note: Organisation owners will have access to the entire org by default, and hence there is no need to select any entity for an Org owner.
- (Applicable for Standard users) Choose the relevant permission set or you could also create a new permission set and click Continue.
Org owners will have full authority, so there is no need to select any permission set for an org owner.
- Click Send invite.
Once the Send Invite button is clicked, an email is triggered to the user's email address. They can click on the link provided in the email, and get started.
Bulk upload
You can use the bulk-upload option to add users in bulk. With the bulk upload, you can have different permissions mapped to different users. A maximum of 50 users can be added using bulk upload.
To add the users in bulk, perform the following:
- Click Add new user.
- Select the bulk upload option.
-
Upload the CSV file. You can download the sample file, enter the values, and you can upload the same file. You can have multiple people on this list, and can also have different permissions for each person. So that way, you can customize permission for different users through this bulk upload flow.
email Email ID of the user userRole A designation of the user. For example, admin. groupName If applicable, the user group to which the user is associated with. title Title of the user. For example, Mr, Miss. firstName First name of the user middleName Middle name of the user lastName Last name of the user mobile Mobile number of the user accessibleEntities Entities to which the user will have access. Organization, Org units/Concepts, Stores, Zones. userType The user type. Standard or Org owner.
- Click Create user(s). An email will be sent to the registered user to reset the user.
Managing users
Viewing users
You can view the user list on the Onboarding users' homepage. You can also export the users' list. The users list includes the following details:
- Name and Email address of the user
- User type
- Status
- Active indicates that the user is active
- Pending indicates that the user has received the invite to join the organisation but has not joined
- Deactivated indicates that the user is deactivated.
Exporting users list
You can export the present users' list of the org in a CSV format. The CSV file contains the following details:
-
First name
-
Last name
-
Email address
-
Mobile
-
Status
-
Created on
-
Created by
-
Last login
-
Is cap tech user - Indicates if the user is a capillary tech user. This is identified using the email address of the user.
Updating users
You can update the users using the bulk update option
-
Select the Bulk update users option from the user listing page:
-
Upload file with relevant fields to update user details:
- Click Done.
Note: Updating user permission will append or add to the existing permissions.
Removing a user
You can remove users individually or multiple users together by selecting 1 or many user(s) from the user list available on UI. To remove, on the user listing page, select the user and click Remove from organization.
FAQs
- Can I resent the password reset email?
No. At present, you cannot resend the email to reset the password. - Can we integrate CAP POC from the User Onboarding UI?
No. You need to contact the access team. - Can the new UI be used for multi-org user onboarding?
Users can be created and edited in the primary organisation (Capillary Org) either via the UI or through bulk upload.
Once a user is created in Capillary Org, they automatically gain access to other associated organizations. However, the permissions they receive in these organizations will match the permission set defined in the Capillary Org. Deletion/Deactivation flows will be available in future updates. - How are permissions managed for multi-org users in the new UI?
Permissions are replicated across organizations for multi-org users in the new UI. The separation of user roles based on the organization will be available in future updates. - Will users created in the new UI be able to access the old UI?
Yes, users will still have access to the old UI. However, their permissions in the new UI will be based on the user type set during onboarding in the new UI. - What happens if a user created in the old UI flow is viewed in the new UI?
Users created in the old UI flow won't have user type tags (Org Owner, Admin User, Standard User) in the new UI. They will be considered Standard Users by default. To change their user type, a bulk upload is required to update their roles. - Are there differences in permission sets between the old and new UIs?
- Yes, in the old UI, permission sets may not be clearly defined for each user. In the new UI, permission sets are more explicitly defined, and users can be categorized as Org Owner, Admin User, or Standard User. These categories help in managing permissions more effectively.
- How long are sessions active?
Sessions remain active for 24 hours. After this period, users must log in again. - Can I deactivate a user from the new UI?
No. This will be available in future updates. At present, you can only remove a user from the organization.
Updated about 2 months ago