User Management
Every actor engaging with a Pushologies system has an individual user account. This applies to both Portal UI users and any external system with programatic access using API keys.
Pushologies uses role-based access control, where each individual user account is granted permissions based on the system role the user has and their "status" in the system.
The roles currently supported are:
- Read-only: Can view any information except for API keys or credentials. Users with this role cannot create or update Segments, Notifications and Tags.
- Creator: Can create, update and delete items - They cannot view API keys or credentials. Users with this role cannot perform notification pushes.
- Publisher: Can create, update and delete items - They cannot view API keys or credentials. Users with this role are allowed to perform notification pushes.
- Admin: Can create, update and delete items including API keys and credentials. This is the most powerful system role, so should only be granted to those who absolutely require it.
The user lifecycle and statuses for Portal users are explained in a bit more detail below:
Waiting → Invited: New users are placed in either the “Invited” or “Waiting” status, depending on whether the Admin sets a future date and time that they would like an invite and temporary password to be sent. By default, all invites are sent immediately. Pushologies has an automated process that sends batches of invites hourly.
Invited → Expired: Once 3 days has passed since an invite was sent, “Invited” users will be moved to the “Expired” status. Expired invites are no longer valid, so an Admin must re-send a new invite in order for expired users to be returned to the "Invited" status. Invites can be re-sent before they expire - re-sending an invite invalidates any previously sent invites, irrespective of whether the 3 day validity has elapsed.
Invited → Active: Once a user has opened the unique link in their invite e-mail and chosen a secure password, they are able to log in to the Pushologies Portal. The first successful login updates their status to "Active".
Active → Suspended: Admins may disable users and revoke their access by updating their status to “Suspended”. Any suspended user can be re-instated at a later date which restores their access. Once a user has the "Suspended" status, they are eligible to have their personal information redacted - This is a one-way process that preserves the user's unique system ID but removes all other identifying information to comply with data protection regulations.
API key access is only restricted by the "Suspended" system role. If you wish to revoke access to an API key, this can be done by updating the parent system-generated user with the suspend endpoint.
Updated 10 months ago