Role-based access control
JAICP has support for role-based access control. It allows restricting user access to JAICP functions based on their roles.
When creating a project group, the owner invites users to the group and assigns roles to them.
A user can have multiple roles. Sets of their roles in different project groups may vary.
User roles
- The BUSINESS_OWNER role is designed for managers. Users with this role can view project group data and manage subscription plans.
- The CONTENT_MANAGER role is designed for developers without JAICP DSL knowledge. Users with this role can create scripts in the J‑Graph visual editor and edit the knowledge base. They won’t have access to the source code editor and NLU settings. Someone with this role will also have access to analytics data and logs.
- The DEVELOPER role is designed for developers as well. Users with this role can create projects both in the J‑Graph visual editor and source code editor using JAICP DSL.
- The LINGUIST role is designed for NLU professionals. Users with this role can manage CAILA intents and entities and NLU settings, modify the script in the J‑Graph visual editor, and edit the knowledge base, as well as view analytics data and logs.
- The OUTBOUND_MANAGER role is designed for outgoing communications management, which includes text and call campaigns. Users with this role can create client lists, view telephony settings, and deploy projects.
- The SYSTEM_ADMIN role is designed for system settings management. Users with this role can create and configure projects, as well as manage inbound and phone channels.
| Permissions | Roles | |||||
|---|---|---|---|---|---|---|
| Project creation and setup | BUSINESS OWNER |
CONTENT MANAGER |
DEVELOPER | LINGUIST | OUTBOUND MANAGER |
SYSTEM ADMIN |
| Create and modify projects and channels | + | |||||
| View telephony settings | + | + | + | |||
| Modify telephony settings | + | |||||
| Project development and deploy | BUSINESS OWNER |
CONTENT MANAGER |
DEVELOPER | LINGUIST | OUTBOUND MANAGER |
SYSTEM ADMIN |
| View the script in J‑Graph and the knowledge base data | + | + | + | + | + | + |
| Modify the script in J‑Graph and edit the knowledge base | + | + | + | + | ||
| View CAILA intents and entities and NLU settings | + | + | + | |||
| Modify CAILA intents and entities and NLU settings | + | |||||
| View the script code | + | + | ||||
| Modify the script code | + | |||||
| View server logs | + | + | + | + | + | |
| Deploy projects | + | + | + | + | + | |
| Outbound communications | BUSINESS OWNER |
CONTENT MANAGER |
DEVELOPER | LINGUIST | OUTBOUND MANAGER |
SYSTEM ADMIN |
| Create client lists | + | |||||
| View text and call campaigns | + | |||||
| Manage text and call campaigns | + | |||||
| Analytics and statistics | BUSINESS OWNER |
CONTENT MANAGER |
DEVELOPER | LINGUIST | OUTBOUND MANAGER |
SYSTEM ADMIN |
| Receive weekly email‑reports on bot statistics | + | + | + | + | + | + |
| View statistics | + | + | + | + | + | |
| View client analytics | + | + | + | + | + | |
| Add labels | + | + | ||||
| Modify the label catalog | + | |||||
| Other | BUSINESS OWNER |
CONTENT MANAGER |
DEVELOPER | LINGUIST | OUTBOUND MANAGER |
SYSTEM ADMIN |
| View users in project groups | + | + | ||||
| View and modify subscription and affiliate program data | + | + | ||||
| Block and unblock clients | + | |||||
Specialized roles
- Users with the RAWLOGS_ANALYTIC role can download dialog logs in the
.csvformat. - The SECURITY_ADMIN role is designed for information security specialists. Users with this role can manage security settings. This includes viewing, creating, and modifying log obfuscation rules and secrets.
- The USER_ADMIN role is designed for administrators managing access permissions. They can configure user roles and profiles, as well as view user actions.
| Permissions | Roles | ||
|---|---|---|---|
| Security settings | RAWLOGS ANALYTIC |
SECURITY ADMIN |
USER ADMIN |
| View secrets | + | ||
| Create and modify secrets | + | ||
| View log obfuscation rules | + | ||
| Create and modify log obfuscation rules | + | ||
| Users | |||
| View users in a project group | + | ||
| View user actions | + | ||
| Manage user roles | + | ||
| Other | |||
| Download dialog logs | + | ||
Previously, users could have the following roles: ACCESSOR, ANALYST, DIALER_USER, OPERATOR, TECH_SUPPORT, and INITIAL. These roles are supported in the current access control model, but will be replaced with the new ones in the next updates. It is recommended to assign roles from the updated model.