Admins
On the admins list you can find all administrators and their roles. As a company super administrator, you can see and edit every admins roles and scopes. You can also add new administrators, except new company super administrators. Other administrators might also be able to see, edit and add other administrators, depending on their permissions.
Click users name, email, or employee ID you can find out the following details:
General information
Here you can see users’ basic information e.g., name and email.
Permission labels on the general information page are used to grant administrators permissions to other administrators (and other entities). Please select the ones that fit best. For example, if the administrator is relevant for a certain division and its administrators should have access to it, select the division; if it is relevant for a certain country, select the country; if it is relevant for both, select both. Read more how permission labels are used from the "Labels" page.
Scope
Here you can find the scope assigned to the admin.
What is scope? The permissions assigned to roles are additionally limited by two scopes: the entity scope and the user’s scope. A scope is the extent of influence. For example, if you have a house that is surrounded by a fence, the fence usually sets the extent of your property. Within the fence you can do anything permitted by law and the local municipality, but not on the other side of the fence where your neighbors live
There are four ways to set the scope of an admin:
- Recommended: Set the scope directly for the existing roles. For example, if the admins who have been assigned to the role in question should only see users from Finland and contents that are targeted to Finnish employees, the scope should be set already in the role instead of the admin's individual permissions.
- On the "Scope" tab of an admin, in which case they will apply to all roles and permissions that are set for the administrator.
- On the "Assigned roles" tab of an admin, in which case the scope will apply only to the permissions granted by the particular assigned role.
- On the "Assigned permissions" tab of an admin you can set the permission to apply only to a certain label or content.
What are the user groups?
User groups allow people to be segmented based on criteria. Business users The HR system as well as the LMS have various attributes such as name, email address, department, country, etc. that can be used to set the criteria. User groups also allow you to recreate the same organizational structure you have in your own organization HR system. Usually, people are assigned to a department or unit and a higher-level company the structure is constructed by assigning those departments or units to it.
User groups can be found and created in: Users > Groups
Assigned roles
Here you find admins already assigned roles and add or remove and edit them. You can also edit the scope of a particular assigned role by setting the permission label and user scope.
Assigned permissions
List of permissions granted directly. The scope that is set on the “scope” tab affects all these permissions. For example, if you add permission to see reports of mandatory trainings and you have previously set the user scope as “Everyone in Finland”, the report only shows users from Finland.
You can also set the scope of a single permission set on this tab with domain and user scope. The domain can be for example a single content or a label.
We recommend to use roles instead of directly granted permissions whenever it is possible.
Effective permissions
Here you can see every individual permission that is granted through the assigned roles or directly. On this page you cannot edit anything, but you will be able to check if everything is set correctly.
Adding a new administrator
Navigate: Permissions > Admins > Add new user
Fill person details and employee ID. Select which roles and permission labels you want to sign for the person. After you have created the administrator user, the user can be found from the administrator user list. By clicking the name/email/uid of the administrator, you get to the admin’s detail page, and you will be able to edit additional option of the admin user (for example scope).
