This page explains the access concept of Nimbus. In the first part we explain how user rights are synched between Nimbus and MS Teams and where Nimbus acts with standalone concepts. The second part covers Roles available in Nimbus and their detailed permissions.
Teams, Users and Organization Units
Nimbus has a user roles and permissions system that grants permissions based on a Organization Units hierarchical structure. By using this concept, access to configuration entities of Nimbus can be granted on a very granular level. To understand this permission system we need to explain a few related concepts in the following.
Concept | Details | Diagram |
---|---|---|
User roles and sync between MS Teams | Nimbus syncs users from your tenant's user directory. Each user can then added in a Nimbus role, e.g. as Admin, Owner or Member/ Agent of a service. The role determines, what a user can do within Nimbus.
🔍You can find detailed permissions behind each role explained in the "Role Permission Matrix" table below.
Depending on what Nimbus Service types are being provisioned on your Tenant, Nimbus distinguishes the user role sync by their User assignment types.
🔍 More details on the assignment type and individual user roles are explained in the Role Permission Matrix chapter below. |
|
Access to data entities within an Organization Unit scope | As more users on your Tenant get roles assigned, it's important to distinguish where users can act this role. This is where the Organization Unit concept comes into place:
To understand Organization Units, it is important to know their relationship in the RBAC model. OU STRUCTURES AND RBACEach configurable element in Nimbus is called a data entity.
Organization Units provide a structure to all data entities, e.g. by mirroring a company's organization levels and departments.
RBAC - Role Based Access Control restricts and grants access within any Organization Unit, e.g. by assigning functions to users according to their role in the organization.
|
💡 Organization Units determine where a configurable data entity is placed. Each data entity must belong to exactly one Organization Unit. This includes all Nimbus users, as their OUs determines from which "point of view" they can act in their role.
💡 RBAC determines which actions (Create, Read, Update, Delete) are possible on configurable entities.
💡User roles define a set of permissions on such entities granted within one or multiple Organzation Units. |
User Role Permission Matrix
The following tabs are taken from the following pages:
User Role (RBAC) Matrix
These tables contain details on the Role Based Access Concept (RBAC) concept behind all Nimbus Features. Roles are primarily distinguished by Frontend (Portal, UIs and App) and Backend (Admin/Integrations) .
When using the Nimbus Power Automate Connector or Power BI, additional user roles may be required. Permissions are structured by the CRUDE (Create, Read, Update, Delete, Execute) principle.
Admin User Permissions
Admin Roles
NOTES
Admin roles described on this page have access to the Nimbus Admin (Backend) Portal.
Show Admin URLs…
Nimbus Admin URLs
Switzerland 01 | https://admin.ch-01.luware.cloud/ |
---|---|
Switzerland 02 | https://admin.ch-02.luware.cloud/ |
Germany 01 | https://admin.dewe-01.luware.cloud/ |
Germany 02 | https://admin.dewe-02.luware.cloud/ |
United Kingdom 01 | https://admin.ukso-01.luware.cloud/ |
Australia 01 | https://admin.aue-01.luware.cloud/ |
West Europe 01 | https://admin.euwe-01.luware.cloud/ |
East United States 01 | https://admin.use-01.luware.cloud/ |
✅ Make sure to configure your web proxies to allow access to these domains or whitelist the complete *.luware.cloud domain.
✅ Admin roles are granted by Luware Support or selected Service Partners. Details will be discussed during your Onboarding and first Nimbus Installation.
🔎The table below lists all detail permissions. In a nutshell, Admin user roles can do the following:
Tenant Administrator |
|
---|---|
Organization Unit (OU) Administrator |
|
Workflow (WF) Administrator |
|
Table: Nimbus Admin Portal Roles and Permissions
🔎Legend: Create, Read, Update, Delete, Execute. The term “grid” describes a permission to list (and potentially manipulate) already existing entries of the same type.
Tenant
Tab | Section | Property | Tenant Admin | OU Admin | WF Admin |
---|---|---|---|---|---|
General | - | Name | R | ||
O365 Domain | R | ||||
O365 Name | R | ||||
Tenant Id | R | ||||
Billing Address | RU | ||||
Contact | - | Name | RU | ||
RU | |||||
Phone Number | RU | ||||
SIP Address | RU | ||||
Data Privacy | - | Allow Partner to see User Identifiers | R | ||
Allow Partner to see Customer Identifiers | R | ||||
Persist User States in Reporting | RU | ||||
Data Retention Time (in Months) | R | ||||
Show user Time in State | RU | ||||
Provisioning | - | Default OU for MS Teams creation | RU | ||
Allow service provisioning via MS Teams | RU | ||||
Enable Multihoming | R | ||||
Default Team Owner Role | RU | ||||
Extensions | Outbound | Directly Invite PSTN for Outbound Calls | R | ||
Directly Invite UPN for Outbound Calls | R | ||||
Max Scheduled Outbound Tasks per Service | R | ||||
Interact | Interact enabled | RU | |||
ACS connection string | RU | ||||
O365 UserId | RU | ||||
Widget Key | RE | ||||
Session Recovery Timeout in Seconds | RU | ||||
Authorization | RU | ||||
Assistant | Use your own ACS instance | RU | |||
Attendant Console | Global Contact Search MS Graph Filter | RU | |||
Team Visibility | RU | ||||
Presence Tracking | Track Presence over Guest Accounts | RU | |||
Grant Permission | E | ||||
Primary Account | R | ||||
Test UPN (primary) | RU | ||||
Secondary Account | R | ||||
Test UPN (secondary) | RU | ||||
Modalities | Instant Messaging | Inactivity Timeout | R | ||
Primary Account | R | ||||
Test UPN (primary) | RU | ||||
Secondary Account | R | ||||
Test UPN (secondary) | RU | ||||
Max concurrent IM Tasks per service | R | ||||
Use your own ACS instance | RU | ||||
ACS connection string | RU | ||||
ACS resource ID | RU | ||||
External Tasks | Max concurrent External Tasks per Service | R | |||
Email Tasks | Max concurrent Email Tasks per Service | R | |||
Licenses | - | Tenant State | R | ||
Service | Advanced | R | |||
Enterprise | R | ||||
Contact Center Service | R | ||||
Interact | R | ||||
User | Attendant Console | R | |||
Contact Center User | R | ||||
Interact User | R | ||||
Assistant | R | ||||
Modalities - Instant Message Modality | R | ||||
Modalities - External Task Modality | R | ||||
Modalities - Email Modality | R |
Services
Tab | Section | Property | Tenant Admin | OU Admin | WF Admin |
---|---|---|---|---|---|
Grid | Services | CRUD | CRUD | RU | |
Tasks | E | E | |||
Download Powershell Script | E | E | E | ||
Tasks | Tasks List | RD | RD | ||
Download Traces | E | E | |||
Copy Trace Link | |||||
Settings | General | Name | RU | RU | R |
Service Display Name | RU | RU | R | ||
Service UPN | RU | RU | R | ||
Application ID | R | R | R | ||
Organization Unit | RU | RU | R | ||
PSTN Active | RU | RU | R | ||
PSTN E.164 Number | RU | RU | R | ||
Primary Opening Hours | RU | RU | R | ||
Secondary Opening Hours | RU | RU | R | ||
SLA Hangup | RU | RU | R | ||
SLA Acceptance | RU | RU | R | ||
Short Abandons Threshold in Seconds | RU | RU | R | ||
Hide User Statistics from Reporting | RU | RU | R | ||
Show on Historical Session Page | RU | RU | R | ||
Licences | RU | R | R | ||
Addons | RU | R | R | ||
Modalities | Audio Video checkbox | RU | RU | R | |
Instant Messaging checkbox | RU | RU | R | ||
External Task checkbox | RU | RU | R | ||
Email checkbox | RU | RU | R | ||
Audio Video - Inbound Conversations toggle | RU | RU | R | ||
Audio Video - Outbound Conversations toggle | RU | RU | R | ||
Audio Video - Audio Video Workflow dropdown | RU | RU | R | ||
Audio Video - Voice Message Channel | RU | RU | R | ||
Instant Messaging - Instant Messaging Workflow dropdown | RU | RU | R | ||
Instant Messaging - Service System Messages | RU | RU | R | ||
External Task - External Task Workflow dropdown | RU | RU | R | ||
Email - Email Workflow dropdown | RU | RU | R | ||
Email - Mailbox dropdown | RU | RU | R | ||
Distribution | User Assignment Type | RU | RU | R | |
Distribution Policy | RU | RU | R | ||
Users Immediately Active | RU | RU | R | ||
Conversation Distribution - Available | R | RU | R | ||
Conversation Distribution - Dnd | R | RU | R | ||
Conversation Distribution - Offline | R | RU | R | ||
Conversation Distribution - Busy | RU | RU | R | ||
Conversation Distribution - Away | RU | RU | R | ||
Task Priority | RU | RU | R | ||
ACW | RU | RU | R | ||
Persistent RONA | RU | RU | R | ||
Auto Redirect in Emergency Case | RU | RU | R | ||
Redirect Destination | RU | RU | R | ||
Extensions | Codes - Primary Codes | RU | RU | R | |
Codes - Secondary Codes | RU | RU | R | ||
Assistant - Assistant Conversation Context | RU | RU | R | ||
Assistant - Service Call Templates | RU | RU | R | ||
My Sessions - Conversation Context | RU | RU | R | ||
My Sessions - Store Conversation Context Data toggle | RU | RU | R | ||
My Sessions - Widgets - Codes & Tags toggle | RU | RU | R | ||
My Sessions - Widgets - Contacts toggle | RU | RU | R | ||
My Sessions - Widgets - Embedded Context toggle | RU | RU | R | ||
My Sessions - Widgets - Embedded Context dropdown | RU | RU | R | ||
My Sessions - Widgets - Live Caption toggle | RU | RU | R | ||
My Sessions - Widgets - Transcript toggle | RU | RU | R | ||
My Sessions - Widgets - Session Details toggle | RU | RU | R | ||
My Sessions - Widgets - Map toggle | RU | RU | R | ||
My Sessions - Widgets - Session Parameters | RU | RU | R | ||
Permissions | Service Agents List | RU | RU | R | |
Service Agents Levels and Profiles | |||||
Service Owners List | RU | RU | R | ||
Service Owners Levels and Profiles | |||||
Users | Default Team Owner Role | RU | RU | R | |
Team member can change active state | RU | RU | RU | ||
Users - list | R | R | R | ||
Users - Role - Member | R | R | R | ||
Users - Role - Owner / Limited Team Owner | RU | RU | R | ||
Users - Active toggle | RU | RU | RU | ||
Virtual Assistant | Virtual User Assistant - Voice Transcription toggle | RU | RU | R | |
Virtual User Assistant - Live Captioning toggle | RU | RU | R | ||
Virtual User Assistant - Speech Recognizer dropdown | RU | RU | R | ||
Interact | Interact - Active Toggle (general) | RU | RU | R | |
Interact - Allowed Modalities - Audio&Video Toggle | RU | RU | R | ||
Interact - Allowed Modalities - Instant Message Toggle | RU | RU | R | ||
Interact - Restriction - Restrict Access Toggle | RU | RU | R | ||
Interact - Restriction - Domain Templates Dropdown | RU | RU | R | ||
Interact - Integration | RU | RU | R |
Users
Tab | Section | Property | Tenant Admin | OU Admin | WF Admin |
---|---|---|---|---|---|
Users | Users | CRUD | CRUD | ||
General | Display Name | R | R | ||
Organization Unit | RU | RU | |||
First Name | R | R | |||
Last Name | R | R | |||
UPN | R | R | |||
O365 ID | R | R | |||
Licences | RU | RU | |||
Modalities | RU | RU | |||
Services | Services (user belongs to) | R | R | ||
Roles | Teams-based roles | R | R | ||
Not Teams-based roles | RU | RU | |||
Skills | Skills and levels | RU | RU | ||
Profiles | Profiles | RU | RU | ||
N/A Reasons | Not Available Reasons toggle | RU | RU | ||
Not Available Reasons | RU | RU | |||
Interact | User active | RU | RU | ||
Restrict Access | R | R | |||
Domain Template | R | R | |||
Integration | R | R | |||
Assistant | Direct Call Templates | RU | RU |
Licensing
Tab | Section | Property | Tenant Admin | OU Admin | WF Admin |
---|---|---|---|---|---|
Licensing | - | Tenants Widget | |||
Tenant State Widget | R | ||||
Service Licenses Widget | R | ||||
User Licenses Widget | R | ||||
Level 1 (Tenants List) | |||||
Level 2 (Licenses List) | R | ||||
Edit licences icon | E | ||||
Level 3 (Edit Popup) | RU |
Configuration
Group | Section | Property | Tenant Admin | OU Admin | WF Admin |
---|---|---|---|---|---|
Tenant | Organization Units | Organization Units | CRUD | ||
Name | RU | ||||
Parent | R | ||||
Description | RU | ||||
Workflows | Resources | Resources | CRUD | CRUD | CRUD |
Name | RU | RU | RU | ||
Organization Unit | RU | RU | RU | ||
Audio File | RU | RU | RU | ||
Playlists | Playlists | CRUD | CRUD | CRUD | |
Name | RU | RU | RU | ||
Organization Unit | RU | RU | RU | ||
Playlist Entries | RU | RU | RU | ||
Workflows | Workflow Instances | CRUD | CRUD | RU | |
Name | RU | RU | R | ||
Organization Unit | RU | RU | R | ||
Template Type | R | R | R | ||
Workflow Template | R | R | R | ||
Workflow (Editor) | RU | RU | RU | ||
Workflow Templates | Workflow Templates | CRUD | CRUD | ||
Name | RU | RU | |||
Organization Unit | RU | RU | |||
Template Type | R | R | |||
Workflow Template (Selection) | R | R | |||
Workflow Template (Editor) | RU | RU | |||
Codes | Primary Codes | Primary Codes | CRUD | CRUD | |
Name | RU | RU | |||
Organization Unit | RU | RU | |||
Description | RU | RU | |||
Secondary Codes | Secondary Codes | CRUD | CRUD | ||
Name | RU | RU | |||
Organization Unit | RU | RU | |||
Description | RU | RU | |||
User | Not Available Reasons | Not Available Reasons | CRUD | CRUD | |
Name | RU | RU | |||
Organization Unit | RU | RU | |||
Service | Conversation Context | Conversation Context | CRUD | CRUD | |
Name | RU | RU | |||
Organization Unit | RU | RU | |||
URL | RU | RU | |||
Mailboxes | Name | CRUD | CRUD | ||
Organization Unit | RU | RU | |||
Email Address | RU | RU | |||
Parameters | Parameters | CRUD | CRUD | ||
Name | RU | RU | |||
Organization Unit | RU | RU | |||
Default Value | RU | RU | |||
ID | R | RU | |||
Opening Hours | Opening Hours | CRUD | CRUD | RU | |
Name | RU | RU | R | ||
Organization Unit | RU | RU | R | ||
Default | RU | RU | R | ||
Periods | CRUD | CRUD | CRUD | ||
Distribution | Skills | Skills | CRUD | CRUD | |
Name | RU | RU | |||
Organization Unit | RU | RU | |||
Skill Categories | R | ||||
Skill Categories | Skill Categories | CRUD | CRUD | ||
Name | RU | RU | |||
Organization Unit | RU | RU | |||
Skill Levels | RU | RU | |||
Responsibility Levels | RU | RU | |||
Distribution Policies | Distribution Policies | CRUD | CRUD | ||
Name | RU | CRUD | |||
Organization Unit | RU | CRUD | |||
Order | RU | RU | |||
Preferred User Routing | RU | RU | |||
Waiting Time toggle | RU | RU | |||
Waiting Time editbox | RU | RU | |||
Last User Routing toggle | RU | RU | |||
Last User Routing Treshold editbox | RU | RU | |||
Distribution Levels | RU | RU | |||
Responsibility Profiles | Responsibility Profiles | CRUD | CRUD | ||
Name | RU | RU | |||
Organization Unit | RU | RU | |||
Duty toggle | R | R | |||
Instant Messaging | Direct System Messages | Direct System Messages grid | CRUD | CRUD | |
General - Name | RU | RU | |||
General - Organization Unit | RU | RU | |||
General - Description | RU | RU | |||
General - User | RU | RU | |||
General - Custom Usert Display Name | RU | RU | |||
Messages to User - "Acccept" Adaptive Card | RU | RU | |||
Messages to User - "Terminate" Adaptive Card | RU | RU | |||
Messages to User - Session Embed | RU | RU | |||
Messages to Customer - Session Connected | RU | RU | |||
Messages to Customer - Session Ended by User | RU | RU | |||
Messages to Customer - Session Declined by User | RU | RU | |||
Service System Messages | Service System Messages grid | CRUD | CRUD | ||
General - Name | RU | RU | |||
General - Organization Unit | RU | RU | |||
General - Description | RU | RU | |||
General - User | RU | RU | |||
General - Custom Usert Display Name | RU | RU | |||
Messages to User - "Acccept" Adaptive Card | RU | RU | |||
Messages to User - "Terminate" Adaptive Card | RU | RU | |||
Messages to User - Session Embed | RU | RU | |||
Messages to Customer - Session Connected | RU | RU | |||
Messages to Customer - Session Ended by User | RU | RU | |||
Attendant Console | Address Books | Address Books | CRUD | CRUD | |
Name | RU | RU | |||
Organization Unit | RU | CRUD | |||
Image | RU | CRUD | |||
Interact | Domain Templates (CORS) | Domain Templates (CORS) | CRUD | CRUD | |
Name | RU | RU | |||
Organization Unit | RU | RU | |||
Domain | RU | RU | |||
Nimbus Assistant | Direct Call Templates | Direct Call Templates | CRUD | CRUD | |
Name | RU | RU | |||
Organization Unit | RU | RU | |||
Description | RU | RU | |||
Trigger Event | RU | RU | |||
Call Type | R | R | |||
Actions | RU | RU | |||
Inbound Internal Teams Calls | RU | RU | |||
Inbound PSTN Calls | RU | RU | |||
Inbound External Teams Calls | RU | RU | |||
Service Call Templates | Service Call Templates | CRUD | CRUD | ||
Name | RU | RU | |||
Organization Unit | RU | RU | |||
Description | RU | RU | |||
Trigger Event | RU | RU | |||
Call Type | R | R | |||
Actions | RU | RU | |||
Inbound Internal Teams Calls | RU | RU | |||
Inbound PSTN Calls | RU | RU | |||
Inbound External Teams Calls | RU | RU | |||
Outbound Service Calls | RU | RU | |||
Virtual Assistant | Speech Recognizer | Speech Recognizer | CRUD | CRUD | |
Name | RU | RU | |||
Organization Unit | RU | RU | |||
Type | RU | RU | |||
Language (MSFT) | RU | RU | |||
Region (MSFT) | RU | RU | |||
Key | RU | RU |
Operations
Tab | Section | Property | Tenant Admin | OU Admin | WF Admin |
---|---|---|---|---|---|
Service | Widgets | Tenant dropdown | R | ||
Service dropdown | RU | ||||
Tasks doughnut | R | ||||
Tasks list | RD | ||||
Last Interaction | R | ||||
Interactions | R | ||||
Last Updated | RE | ||||
History | R | ||||
Download Traces | E | ||||
Copy Trace Link | |||||
Customer | Widgets | Tenant dropdown | R | ||
Customer dropdown | RU | ||||
Last Interaction | R | ||||
Interactions | R | ||||
History | R | ||||
Download Traces | E | ||||
Copy Trace Link |
Portal User Permissions
Portal Roles
NOTES
Roles described on this page have access to the Nimbus (Frontend) Portal.
Show Portal URLs…
Nimbus Portal URLs
Switzerland 01 | https://portal.ch-01.luware.cloud/ |
---|---|
Switzerland 02 | https://portal.ch-02.luware.cloud/ |
Germany 01 | https://portal.dewe-01.luware.cloud/ |
Germany 02 | https://portal.dewe-02.luware.cloud/ |
United Kingdom 01 | https://portal.ukso-01.luware.cloud/ |
Australia 01 | https://portal.aue-01.luware.cloud/ |
West Europe 01 | https://portal.euwe-01.luware.cloud/ |
East United States 01 | https://portal.use-01.luware.cloud/ |
✅ Make sure to configure your web proxies to allow access to these domains or whitelist the complete *.luware.cloud domain.
✅ Portal Roles are granted depending on Service type, as Services can be provisioned with different User Assignment Types:
Learn more about User Assignment…
INC User Assignment Types
Each Nimbus service can be of a different user assignment type that determines how users are associated to this service:
- MS Teams-based: Directly tied to your MS Teams "Teams" as determined during Service Provisioning. Users get automatically added and synced to a Nimbus service.
- Skill-based: Applies for manually created services via Service Administration. Requires skill-assignment from users you assign to the service from within your tenant directory.
- None: Has no users, but can be configured by any administrator. Used for IVR or first-level redirection services.
☝ Important to know: The user assignment type is fixated when a service was either provisioned via MS Teams or manually created via Service Administration, e.g. for IVR or skill-based distribution purposes. A switch between MS Teams-based and Skill-based services is not possible due to how individual users are configured and how Nimbus Features operate.
🔎The table below lists all detail permissions. In a nutshell, Portal user roles can do the following:
Tenant Administrator |
|
---|---|
Organization Unit (OU) Administrator |
|
Workflow (WF) Administrator |
|
User Supervisor(1) |
Contact Center Requires a Contact Center license on the user. An addition to an Owner-type role, manually granted via User Administration.
|
Service Supervisor(1) |
Contact Center Requires a Contact Center license on the user. An addition to an Owner-type role, manually granted via User Administration.
|
Contact Center (CC) User |
Contact Center Requires a Contact Center (CC) license on the General User Settings.
|
Service Owner |
Contact Center Requires a Contact Center (CC) license on the General User Settings.
|
Service Agent |
Contact Center Requires a Contact Center (CC) license on the General User Settings. An associated Microsoft Teams channel is not required anymore, so the user can act as “standalone” specialist for dedicated tasks.
|
Team Owner |
Default role granted during Service Provisioning via MS Teams.
|
Team Owner Limited |
A reduced role that can be granted during Service Provisioning via MS Teams.
|
Team Member |
A Nimbus user synched from the Tenant's user directory.
|
(1) GDPR General Data Access limitation (by design): If a user has a Supervisor but not a Team Owner / Service Admin role within a service, only limited datasets in the historical BI Template will be shown. Other tabs and queries in the Power BI Report may appear blank.
→ To see a full dataset (including live Reporting data on the portal), the same user also needs a "Service/Team Owner" role assigned for the respective service(s).
(2) Nimbus “Team” roles are only used to limit access to Nimbus-related functionality. The baseline existing MS Teams role privileges are not affected by Nimbus role assignment. Even in a “limited” Nimbus role - Team Owners can continue to act with all their non-Nimbus related privileges within MS Teams.
👆 Please keep in mind that Nimbus can generate service output data, such as Adaptive Cards which may contain privacy-sensitive customer data gathered via Nimbus Power Automate Connector. Guests in a channel - while not allowed to interact with Nimbus cards - may still read within the chat channels and see service-generated contents.
→ Ensure to check your channel Members and Guests before provisioning Nimbus services to a MS Teams channel.
Table: Nimbus Frontend Portal Roles and Permissions
🔎Legend: Create, Read, Update, Delete, Execute. The term “grid” describes a permission to list (and potentially manipulate) already existing entries of the same type.
Services Overview
Section | Service Supervisor | CC User | Team Member | Service Agent | Team / Service Owner | Team Owner Limited |
---|---|---|---|---|---|---|
Services Overview | R | R | R | R | R | |
Service Settings icon | E | E | E | |||
Call On Behalf | E | E | E | E | ||
Users - Own Active Toggle | N/A | RU | N/A | RU | RU | |
Users - Active Toggle | R | N/A | R | N/A | RU | RU |
Users - Presence icon | R | R | R | R | R | |
Pickup | N/A | E | N/A | E | E |
Service Details
Tab | Section | OU Admin | WF Admin | Service Supervisor | CC User | Team Member | Service Agent | Team / Service Owner | Team Owner Limited | |
---|---|---|---|---|---|---|---|---|---|---|
Dashboard | Dashboard | R | R | R | R | R | ||||
Users List | R | R | R | R | R | |||||
Users - Own Active Toggle | N/A | N/A | RU | N/A | RU | RU | ||||
Users - Active Toggle | RU | N/A | R | N/A | RU | RU | ||||
Pickup | N/A | E | N/A | E | E | |||||
Today's Reporting KPIs | R | R | R | R | R | |||||
Reporting | Service Statistics | R | R | R | R | R | ||||
Tasks Heatmap | R | R | R | R | R | |||||
Users Statistics | R | R | R | R | R | |||||
Historical Sessions | Session Results | R | R | R | ||||||
Sessions | R | R | R | |||||||
Session Types | R | R | R | |||||||
Session Directions | R | R | R | |||||||
Historical Sessions - Service Sessions | R | R | R | |||||||
Historical Sessions - User Sessions | R | R | R | |||||||
Session Details Popup | R | R | R | |||||||
Settings | General | Name | RU | R | R | RU | R | |||
Service Display Name | RU | R | R | RU | R | |||||
Service UPN | RU | R | R | RU | R | |||||
Application ID | R | R | R | R | R | |||||
Organization Unit | RU | R | R | RU | R | |||||
PSTN Active | RU | R | R | RU | R | |||||
PSTN E.164 Number | RU | R | R | RU | R | |||||
Primary Opening Hours | RU | R | RU | RU | RU | |||||
Secondary Opening Hours | RU | R | RU | RU | RU | |||||
SLA Hangup | RU | R | RU | RU | RU | |||||
SLA Acceptance | RU | R | RU | RU | RU | |||||
Short Abandons Threshold in Seconds | RU | R | RU | RU | RU | |||||
Show on Historical Session Page | RU | R | R | R | R | |||||
Hide User Statistics from Reporting | RU | R | R | R | R | |||||
Show on Historical Sessions Page | RU | R | R | R | R | |||||
Modalities | Audio Video checkbox | RU | R | R | RU | R | ||||
Instant Messaging checkbox | RU | R | R | RU | R | |||||
External Task checkbox | RU | R | R | RU | R | |||||
Email checkbox | RU | R | R | RU | R | |||||
Audio Video - Inbound Conversations toggle | RU | R | R | RU | R | |||||
Audio Video - Outbound Conversations toggle | RU | R | R | RU | R | |||||
Audio Video - Audio Video Workflow dropdown | RU | R | R | RU | R | |||||
Audio Video - Voice Message Channel | RU | R | R | RU | R | |||||
Instant Messaging - Instant Messaging Workflow dropdown | RU | R | R | RU | R | |||||
External Task - External Task Workflow dropdown | RU | R | R | RU | R | |||||
Email - Email Workflow dropdown | RU | R | R | RU | R | |||||
Email - Mailbox dropdown | RU | R | R | RU | R | |||||
Distribution | User Assignment Type | RU | R | R | RU | R | ||||
Distribution Policy | RU | R | R | RU | R | |||||
Users Immediately Active | RU | R | R | RU | R | |||||
Conversation Distribution - Available | R | R | R | R | R | |||||
Conversation Distribution - Dnd | R | R | R | R | R | |||||
Conversation Distribution - Offline | R | R | R | R | R | |||||
Conversation Distribution - Busy | RU | R | R | RU | R | |||||
Conversation Distribution - Away | RU | R | R | RU | R | |||||
Task Priority | RU | R | R | RU | R | |||||
ACW | RU | R | R | RU | R | |||||
Auto Redirect in Emergency Case | RU | R | R | R | R | |||||
Redirect Destination | RU | R | R | R | R | |||||
RONA | RU | R | R | RU | R | |||||
Extensions | Codes - Primary Codes | RU | R | R | RU | R | ||||
Codes - Secondary Codes | RU | R | R | RU | R | |||||
Assistant - Assistant Conversation Context | RU | R | R | RU | R | |||||
Assistant - Service Call Templates | RU | R | R | RU | R | |||||
My Sessions - Conversation Context | RU | R | R | RU | R | |||||
My Sessions - Store Conversation Context Data toggle | RU | R | R | RU | R | |||||
My Sessions - Widgets - Codes & Tags toggle | RU | R | R | RU | R | |||||
My Sessions - Widgets - Contacts toggle | RU | R | R | RU | R | |||||
My Sessions - Widgets - Embedded Context toggle | RU | R | R | RU | R | |||||
My Sessions - Widgets - Embedded Context dropdown | RU | R | R | RU | R | |||||
My Sessions - Widgets - Live Caption toggle | RU | R | R | RU | R | |||||
My Sessions - Widgets - Transcript toggle | RU | R | R | RU | R | |||||
My Sessions - Widgets - Session Details toggle | RU | R | R | RU | R | |||||
My Sessions - Widgets - Map toggle | RU | R | R | RU | R | |||||
My Sessions - Widgets - Session Parameters | RU | R | R | RU | R | |||||
Agents | Service Agents List | R | R | R | R | R | ||||
Service Agents Levels and Profiles | RU | RU | ||||||||
Service Owners List | R | R | R | R | R | |||||
Service Owners Levels and Profiles | RU | RU | ||||||||
Users | Default Team Owner Role | RU | R | R | R | |||||
Team member can change active state | RU | RU | RU | R | ||||||
Users - list | R | R | R | R | ||||||
Users - Role - Member | R | R | R | R | ||||||
Users - Role - Owner / Limited Team Owner | RU | R | R | R | ||||||
Active toggle | RU | RU | RU | RU |
Configuration
Tab | Section | OU Admin | WF Admin | User Supervisor | Team / Service Owner | Team Owner Limited | |
---|---|---|---|---|---|---|---|
Workflows | Resources | Resources grid | CRUD | CRUD | CRUD | CRUD | |
Name | RU | RU | RU | RU | |||
Organization Unit | RU | RU | R | R | |||
Audio File | RU | RU | RU | RU | |||
Playlists | Play List grid | CRUD | CRUD | CRUD | CRUD | ||
Name | RU | RU | RU | RU | |||
Organization Unit | RU | RU | R | R | |||
Play List | RU | RU | RU | RU | |||
Workflows | Workflow grid | CRUD | RU | CRUD | CRUD | ||
Name | RU | R | RU | RU | |||
Organization Unit | RU | R | R | R | |||
Template Type | R | R | R | R | |||
Workflow Template | R | R | R | R | |||
Workflow | RU | RU | RU | RU | |||
Codes | Primary Codes | Primary Codes grid | CRUD | CRUD | |||
Name | RU | RU | |||||
Organization Unit | RU | R | |||||
Description | RU | RU | |||||
Secondary Codes | Secondary Codes grid | CRUD | CRUD | ||||
Name | RU | RU | |||||
Organization Unit | RU | R | |||||
Description | RU | RU | |||||
Service | Conversation Context | Conversation Context grid | CRUD | CRUD | |||
Name | RU | RU | |||||
Organization Unit | RU | R | |||||
URL | RU | RU | |||||
Parameters | Parameters grid | CRUD | CRUD | ||||
Name | RU | RU | |||||
Organization Unit | RU | R | |||||
Default Value | RU | RU | |||||
ID | RU | R | |||||
Opening Hours | Opening Hours grid | CRUD | RU | CRUD | CRUD | CRUD | |
Name | RU | R | RU | RU | RU | ||
Organization Unit | RU | R | RU | R | R | ||
Default | RU | R | RU | RU | RU | ||
Periods | CRUD | CRUD | CRUD | CRUD | CRUD |
Flexible Dashboards
Contact Center - Non-Personal Dashboards and Personal Dashboards require a Contact Center license on the user to become accessible. Each Dashboard can be customized with Dashboard Widgets.
Tab | Section | User Supervisor | Service Supervisor | CC User | Team Member | Service Agent | Team / Service Owner | Team Owner Limited | |
---|---|---|---|---|---|---|---|---|---|
Dashboards | Personal Dashboards | CRUD | |||||||
Non-Personal Dashboards | R | ||||||||
Dashboard Widgets | Service | Service KPI Tile | R | W(1) | R | R | R | ||
Service KPI Tabular | R | W(1) | R | R | R | ||||
Service KPI Chart | R | W(1) | R | R | R | ||||
Service KPI Comparison Chart | R | W(1) | R | R | R | ||||
Service KPI Graph | R | W(1) | R | R | R | ||||
Service Queue Tabular | R | W(1) | R | R | R | ||||
Live Service Tasks Tabular | R | W(1) | R | R | R | ||||
Service Outbound Tasks Tabular | RE | W(1) | R | R | RE | ||||
Service External Tasks Tabular | RE | W(1) | R | R | RE | ||||
Service Heatmap | R | W(1) | R | R | R | ||||
Service Supervision | WRE | W(1) | |||||||
User | User Performance Tabular | R | W(1) | R | |||||
User State Tabular | R | W(1) | R | ||||||
User Supervisor Tabular | RE | W(1) | |||||||
User State Chart | R | W(1) | R | ||||||
User Tile | R | W(1) | R | ||||||
Common | Markdown | WR | |||||||
Date & Time | WR | ||||||||
Embedded Website | WR |
(1) W = Widget access. A user needs a CC license to even see Dashboards, and can add Dashboard Widgets. However, seeing data (Services / Users / OUs) inside those widgets requires a dedicated R permission (e.g. Team Member, Agent role) within the service / team.
Power Automate User Permissions
Power Automate Roles
Revoked Role Limitation
🔎 Roles described table below have access to the Nimbus Power Automate Connector.
☝If a User configures a Power Automate Flow for a service, but then loses permissions to configure such a flow (e.g. removed as Service Owner), the previously configured Power Automate Flows will still be triggered.
✅When changing service ownership we recommend you to check for leftover flows or use a global administrator to manage all your flow needs in a centralized fashion.
Table: Nimbus Power Automate Permissions
🔎Legend: Create, Read, Update, Delete, Execute
Certified Connector | Custom Connector | Tenant Admin | OU Admin | Team/Service Owner | Team Owner Limited | ||
---|---|---|---|---|---|---|---|
Conversations | Triggers | - | GetOnNewTasks | E | E | ||
When a task changes state | GetOnUpdatedTasks | E | E | ||||
When the virtual task assistant has an update | E | E | |||||
Actions | Update task | UpdateTask | E | E | |||
Add a new external task | AddExternalTask | E | E | ||||
Remove an external task | RemoveExternalTask | E | E | ||||
Get Data from Virtual Task Assistant | E | E | |||||
Address Books | Actions | Add a contact to an address book | AddOrUpdateContact | E | E | ||
Update a contact in an address book | - | E | E | ||||
Empty an address book | ClearContacts | E | E | ||||
Get contact(s) from ana address book | GetContacts | E | E | ||||
Remove contact(s) from an address book | RemoveContacts | E | E | ||||
Outbound Service Calls | Triggers | When a scheduler entry changes state | GetOnUpdatedOutboundTask | E | E | ||
Actions | Schedule a new outbound call | AddOrUpdateOutboundTask | E | E | E | ||
Get all scheduler entries | GetOutboundTasks | E | E | ||||
Update a scheduler entry | - | E | E | ||||
Remove a scheduler entry | RemoveOutboundTask | E | E |
Reporting User Permissions
Reporting Roles
NOTES
🔎Roles described in the table below have access to Historical Sessions summarized in a Nimbus Power BI Report Template.
✅ When Setting Up Power BI and connecting to the OData Feed (e.g. via the Report Template or other means), any of the user roles below are required. The Organization Unit of the connecting user account determines, which service and user data will become available in the data query.
Historical Session & User Data(2) | User Supervisor | Service Supervisor | Team / Service Owner | Team Owner Limited |
---|---|---|---|---|
Service Sessions | R | R | R | |
User Sessions | R | R | R | |
User States | R | |||
Service Session Aggregates(1) | R | R | R | |
User Session Aggregates(1) | R | R | R |
(1) Refer to Data Aggregation.
(2) All data is built from the Nimbus Reporting Model.