How does the access control work in Voucherify?
Voucherify organizes work on promo campaigns with
projects. These components give you the ability to launch enterprise-grade promotions which require many parties to be involved. Let's see how the access control in Voucherify works in practice:
- users - you can invite team members to collaborate on campaigns in the dashboard. After account confirmation, new users can be granted access to projects. Each user's activity is tracked and can be seen in the audit logs.
- projects - projects group campaigns in collections. The primary goal of projects is to help you control user access to campaigns. You can define which users have access to separate projects. Examples: Jane can operate only on
new acquisition campaignsbut cannot access
employee discountsor Vendor A cannot access vendor B's campaigns.
- API keys - each project can have multiple API keys. This gives you the ability to control how your internal applications and 3rd party vendors access your data.
In this section:
In case you might want to share and redeem your coupons by collaboration with affiliates, we supplied Voucherify with features which enable you to limit users access to the dashboard and perform particular endpoints only.
How it works
Users structure is managed per project. However, the custom roles are defined for the whole organization.
Merchants with API keys
Merchants with API keys are allowed to perform validation and redemption only, excluding other endpoints (they don't have access to the dashboard).You can make as many redemption points as you want to and keep the only rights to create and manage your coupons. Look at the picture below to capture the entire workflow
Coupons are generated and managed by your Voucherify account
- When vouchers are ready, you can deliver them to your affiliates (Merchants) where they are published.
- Customers can now come to these stores (merchants) to redeem their codes.
- The merchant sends a redemption request to Voucherify. If the coupon is valid, Voucherify sends a positive response, and the redemption is successful (all redemption details are noted in your Voucherify account).
The `Merchants` role is available with unique API keys which you can create in the Voucherify dashboard. To begin with, open the Project Settings and go to the API-keys section
Share the API key with your affiliate and send the coupons (see export options) to publish. With these credentials, the merchant can validate/redeem delivered codes.
Roles of users with access to the dashboard
Within Team settings, you can also assign particular roles to your team members and affiliates. Roles control what kind of access to your data a particular user is granted. The roles can be added only by ADMIN user who doesn't have any limits on an account.
The process is divided into two main steps:
- Firstly, define a role - grant access to particular data and endpoints.
- Secondly, invite a new team member and assign them to the role.
While inviting a new team member to the project, an administrator can assign one of the built-in roles:
- USER - can read and modify data from an assigned project, but cannot add new team members or create new projects
- VIEWER - can read all data from an assigned project, but cannot modify any data
- MERCHANT - can redeem/validate vouchers and view redemptions invoked with his/her account. They won't be able to read any other data in the project.
or a CUSTOM ROLE - admin can create new roles and set access rights allowed for each of them.
To manage users structure go to the Team settings > ROLES.
In the roles directory, you can
- view actions performed within predefined roles (click on a role name to view details),
- add new roles (see section below),
- edit your custom roles (the pencil tool).
Assign a user to a built-in role
If you'd like to use one of the default roles (user, merchant or viewer), you can go straight to the step two and invite a new team member:
Create a custom role and assign user
If you'd like to add a new users role follow these steps:
1. Duplicate one of the predefined roles and the app will direct you to the edit tool
2. Write down a name
3. Set what kind of actions can be performed by marking particular boxes
4. Confirm the new role
You can edit your roles by using a pencil tool:
Now, you can invite new team members and assign them to the new role. Go to the Team settings > TEAM, and provide details. While choosing a role both predefined and custom roles are visible in the list:
Available actions and data access
Below we've listed all actions which can be permitted within Voucherify roles.
- Read Campaigns
- Create and modify Campaigns
- Enable Campaigns
- Disable Campaigns