Access Management
      Back to home
      1. Help Center
      2. 3 - User Settings and Configuration
      3. Access Management

      Access management

      You can manage access for your organization's users if you have the System administrator role.

      If you're new to Bluestone PIM, starting with getting to know the permissions and access could be a good place to start. Access management enables administrators to manage user access and permissions through managed roles, custom roles and policies.

      With access management, administrators can ensure that only authorized users can access sensitive data and functionalities, reducing the risk of data breaches and unauthorized activities.

      Roles overview 

      Create a custom role    Set/unset role as default    Delete a custom role   

          Policies overview

      Add a policy    Rename a policy    Delete a policy

      Users overview    

      Create a new user    Assign policies to a user

      Select Settings | Access management from the main menu to manage your organization's roles and policies:



      Roles overview

      Bluestone PIM uses the following definitions:

      1. Managed roles: Pre-established roles equipped with a definite set of permissions and constraints. See the section below for an overview.
      2. Custom roles: Roles that can be created and customized according to specific organizational requirements.
      3. Default role: Setting a role as default implies that all new users will automatically be assigned this role.

      Managed roles

      Managed roles are pre-defined and managed by Bluestone PIM. These are marked with a padlock icon.

      Select a role to view its permissions within the different modules:

      The following managed roles are defined:

      • SYSTEM ADMIN: This role allows complete access to manage the PIM platform, including access management and configuration of a PPE dashboard.
      • PLUGIN ADMIN: This role enables the user to access all available features in plugins assigned to the organization.
      • PIM ADMIN: This role provides access to PIM definitions such as attributes, catalog, categories, and relations, along with labels, tasks, and notifications.
      • PIM WRITE: This role allows users to create and edit product details such as attribute values, catalog, categories, assets, relations, and labels. It also provides access to tasks and notifications.
      • PIM READ: This role provides read-only access to product details such as attributes, catalog, categories, assets, relations, and labels.
      • PIM PERSONALIZED: This role gives users access to the PPE module which provides a simplified user interface for product management.
      • SUPPLIER: This role gives users access to the PPE module which provides a simplified user interface for product management. Typically assigned to supplier users where product updates need to be approved.

        Note: Both the PIM Personalized and Supplier roles give access to edit product number and description. A new PPE role must be set up to disallow this.

      • DAM WRITE: This role allows the user to upload and edit assets.
      • DAM READ: This role provides read-only access to assets.
      • RULES ENGINE WRITE: This role provides access to create and edit rules from the full-page plugin and the rules engine tab of Categories.
      • RULES ENGINE READ: This role allows read-only access to the full-page plugin and rules engine tab.
      • FTP: This role enables users to upload assets using an FTP client. Only one user can be assigned to the FTP role per organization.

      Create a custom role

      Custom roles in Bluestone PIM allow System Admins to create roles tailored to specific organizational requirements. 

      • Navigate to Settings | Access Management.

      • Click the plus icon located in the left panel to add a new role.

      • Enter the name of the new role in the text field, and click Confirm.

      Set/unset a role as default

      Any type of role can be set as default. Do the following:

      • Navigate to Settings | Access Management.
      • Hover the desired role and click the 3-dots menu.
      • Select Set role as default.



        When adding a new user, the default role is assigned:


      If you don't want any role to be selected by default when assigning roles to users, do the following:

      • Navigate to Settings | Access Management.
      • Hover the role set as default and click the 3-dots menu.
      • Select Unset role as default.

      Delete a custom role

      Follow these steps to delete a custom role:

      • Navigate to Settings | Access Management.
      • Hover the desired role and click the 3-dots menu.
      • Select Delete.



      Policies overview

      A policy contains a set of rules that determine/limit which functionality can be accessed and utilized by the users having the policy assigned. Policies can only be assigned to Restricted users.

      Add a policy

      • Navigate to Settings | Access Management.
      • Click on the plus icon located in the left panel to add a policy.
      • Enter the name of the new policy in the text field, and then click on the Confirm button.

      Delete a policy

      • Navigate to Settings | Access Management.
      • Hover the desired role and click the 3-dots menu.
      • Select Delete.

      Rename a policy

      • Navigate to Settings | Access Management.
      • Hover the desired role and click the 3-dots menu.
      • Select Rename. The following window is presented:

      • Update the name.
      • Click Ok to confirm.

      Users

      When setting up a user, you will need to know if this user should have access to all content (Standard) or limited content (Restricted). Then you assign the applicable role(s). In addition, if the user is defined as Restricted, you assign the relevant policies.

      Bluestone PIM separates users into two categories:

      • Standard user: 
        The user is limited by the roles assigned, but has no restrictions in terms of Bluestone PIM content data like products, attributes, categories and relations.
      • Restricted user: 
        The user is limited by the roles assigned, but needs one/more policies assigned in addition. A policy gives the user access to content. Without a policy assigned, the restricted user doesn't have access to any content.

      Create a new user

      Do the following to create a new user:

      1. Select Settings | Users from the main menu.
      2. Click the plus icon in the upper right corner. The following window is presented:



      3. Enter the Name and Email address.
      4. Select the Type of user; Standard or Restricted.
      5. Assign the relevant User roles by clicking the plus icon.
        Roles can also be assigned/unassigned when editing the user at a later stage.
      6. Click Save when you are done.

      Please see Assign policies to a user for information on how to assign policies to a restricted user.

       

      Assign policies to a user

      Follow these steps to assign one/more policies to a user:

      1. Select Settings | Users from the main menu.

      2. Click the relevant user. The details panel is opened:

      3. Click the plus icon in the Roles section.
      4. Select a role from the dropdown list.
      5. Click the green check mark to assign the role to the user.

      Back to the top