Types of user roles and permissions

Learn about what user roles and permissions can be assigned to employees. You must be an Administrator to access these settings.

There is a wide range of features available with your WhosOnLocation account. Some of these features are only accessible by users assigned with correct permissions. User roles determine what a user can and cannot do in WhosOnLocation. Employees who need to administer specific parts of WhosOnLocation can be assigned the relevant user role. 

An Administrator must send a user a login permission email to an employee before they can log into WhosOnLocation. Learn how to grant employee access.

Your Account Owner must activate any add-ons before you can see them in WhosOnLocation.

Role types

Account Owner

Every account has a single Account Owner. They can access the major account settings area and manage the availability of add-on features within the account. The Account Owner also has the same access as a Global Administrator.

Administrator

Access rights to manage the general location settings and manage employees. These settings are found in the Locations menu.

You also have the ability to manage and grant all user roles, location details, and visitor policy rules. There are two permission levels:

  • Global - manage all locations in the account.
  • Limited - manage only those locations assigned to them.

Once they have this role, they’ll have access to the following features and add-ons (if enabled by the Account Owner):

An Administrator can also assign user role permissions to other employees.

Asset Manager

Access rights to the asset manager add-on and set up assets inventory and issue assets to guests, contractors, or employees. There are three roles:

  • Global - create asset groups, types, add assets, and issue assets into and out of all locations across the account.
  • Manager - create asset groups, types, add assets, and issue assets into and out of their assigned locations.
  • Issuer - issue assets out and receipt them back in, but only for the assets linked to the locations assigned to them.

For more details, have a look at assign the Asset Manager user role article.

Contractor Manager

Access rights to manage the contractor add-on. There are three roles:

  • Administrator - same rights as a Manager user role, plus this user can manage contractor settings.
  • Manager - manage any contractor organization or member and make them Active.
  • Coordinator - manage contractor members that are part of the same Internal User Access Group as the Coordinator.

For more details, check the assign the Contractor Manager user role article.

Identity Manager

Access rights to the identity manager add-on. The Identity Manager can set up Tokens (Barcode, RFID, Photo ID, etc.) and export token records.

An administrator with the Identity Manager user role can also issue and manage Tokens, and their unique identifiers, against employee profiles.

Induction Manager

Access rights to the induction management add-on. There are two roles:

  • Global - create and manage all courses in the account.
  • Limited - invite participants to WOL e-Learning courses who have access to those locations assigned to them.

For more details, check the assign the induction management user role article.

IT Administrator

Access rights to the security, employee management, and integration functions under Tools > Account.

These functions allow IT personnel to set the password strength and password change policies and access advanced options for maintaining employee access like AD, SSO, SAML.

Users with this user role can access these settings:

  • API – Information about the WhosOnLocation API which can be used for integrations
  • Integrations – Settings for WhosOnLocation's integrations with third-party applications
  • Employee management – Options and information for Active Directory Sync to automatically update your employee database
  • Employee access – Set security restrictions for employee sign-ins such as password strength and single sign-on options

Location Print Manager

Provides the ability to manage ID card print requests for an organization. When a print request is made and sent to a location, the user with this role receives an email and in-app message. They can then print the cards, send them to the provided address, and update the progress in WhosOnLocation.

For more information, check the enabling the identity management add-on article.

Qualifications Manager

Access rights to the qualifications manager add-on. Types of qualifications include licenses, certificates, courses, registrations, and degrees.

Administrators can then assign qualifications to employees in those locations assigned to them.
Contractor Administrators, Managers, and Coordinators can assign qualifications to contractors they administer.

Reports Manager

Access rights to the reporting functionality in WhosOnLocation.

Sign In/Out Manager

Access rights to a nominated site to manage visitors, contractors, and, if required, employee attendance. There are two roles:

  • Global means they can manage people for all locations in your account.
  • Limited means they can manage people only for those locations assigned to them.

Triggers Manager

Access rights to manage the triggers add-on. There are two roles:

  • Global - manage triggers for all locations in the account.
  • Limited - manage triggers only for those locations assigned to them.

For more details, have a look at the enable the triggers add-on article.

WolPass Manager

Access rights to set up and configure the WolPass add-on and email template. There are two roles:

  • Global - manage all locations in the account.
  • Limited - manage only those locations assigned to them.

Employee

This is not an assigned role. Any employee who has been given login permission can access basic employee functions such as pre-registering guests and managing their own profile.

An Administrator can send a Login Permission Email to an employee in a location assigned to them from the employee list.

 

Assign user roles

Any Administrator can assign an employee user roles relevant to their location, including making them an Administrator. Most user roles have different levels of access built into that role, e.g. an Administrator can be a Global Administrator or a Limited Administrator.

As an Administrator, you can only assign user roles to feature areas that you have access to. If you have limited access, you can only grant access to limited areas.

To assign a user role, log into WhosOnLocation as an Administrator, then:

  1. Go to Tools > User Roles.
  2. Find the relevant employee using the search fields.
  3. Click Manage Roles next to the employee.

    Manage-Roles.png
  4. Select the User Roles you want to assign (and the level of access if relevant).
  5. Click Assign Roles.

    Identity-Manager-Assign.png

The next time that employee signs in, they will have access to that area of WhosOnLocation. If the employee does not yet have access, you will need to send them a login permission email.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request