Roles and Permissions for Access to Your ActivTrak Account

User Roles Overview 

By default, the email used to create your ActivTrak account will be an Administrator (Admin) role. When inviting other users to the account, Admins assign User Roles to determine which data and settings each user can view and/or configure. This enables you to give employees access to ActivTrak data without revealing sensitive information about other users.

There are four User Roles within your ActivTrak account: Admin, Configurator, Power User, and Viewer. While you can configure and assign these roles to meet your organization’s unique needs, the table below provides an overview of the default permissions for each, and guidelines to help you determine the appropriate role for various employees.

  Admin Configurator Power User Viewer
Recommended Audience

Account Owner, IT

Mid-Level & Frontline Managers

Mid-Level Managers, Executives, Analytics Teams

Individual Contributors
Default Access Oversee and manage the entire ActivTrak account, invite and remove users, assign User Roles, manage Groups, and configure security settings.

Can view data for all Users and Groups, create and manage Groups, and manage activity classification and Alarms.

Cannot provide app access to new users, assign or change User Roles, install or delete agents, or upgrade/add licenses to the account.

Can view data for themselves and team members at a high level, with the ability to drill down to specific activities.

Cannot see the data of users on other teams, manage Users or Groups, or manage any account settings.

Can view high-level data for themselves and team members.

Cannot drill down to a detailed view of activities or access any account settings.
Suggested Use Case

Administer the account without necessarily consuming data and insights.

Configure settings, alarms, app access, and activity classification.

Ideal for team managers who need the ability to create and manage Groups that map to their teams, configure Alarms, and classify activities (productive, unproductive, collaborative). Ideal for team managers and executives to get insight into team-wide or organization-wide productivity and work habits, but do not need to configure Groups or account settings. Ideal for individual contributors to understand their own work habits and those of their teammates, and assess progress toward goals.

Configuring User Roles

Before inviting new users to your account, make sure that each User Role allows the appropriate level of access based on your organization’s unique needs. You can view and configure the permissions assigned to each role from the Role Access page in the left-hand app navigation (Settings > Access > Role Access). 

From the Role Access table, you can configure User Roles manually by selecting the individual dashboards and features you want to assign to each role. You can also use Guided Account Setup to set user role permissions based on your organization’s use cases and data access preferences. Simply click Launch Guided Account Setup below the Role Access table, as shown below.

Launch_Guided_Account_Setup_-_Role_Access_Page.png

  • When you first visit the Role Access page, the default settings for each User Role will be selected. If you’re happy with the way User Roles are currently configured, you can leave them as-is. (See the Feature Matrix at the end of this article for a detailed breakdown of the default settings.)
  • If you make changes and want to revert back to the default settings, you can do so at any time by clicking ‘Reset Roles to Default Settings’ in the upper right-hand corner of the Role Access page.
  • Changes made to User Role permissions will take effect for all users currently assigned a given role, as well as users invited to the account with that role going forward. If a user is logged into the app when Role Access settings are changed, the new settings will not be reflected until the user’s next login. When making changes to settings for the Admin role, the Admin must log out and log in again in order for the changes to take effect.
  • Any report or feature that is blocked for a particular role will not appear in the app navigation or in the Dashboard (if applicable). For example, if Team Pulse is blocked for the Power User role, Power Users will not see the Team Pulse tab in the navigation, nor will they see the Team Pulse widget in the dashboard.
  • While Power Users and Viewers will have access to any pages you choose, the dashboards and reports they view will only display data for their Viewable Groups.
  • Some default settings cannot be overwritten:
    • Classification
    • Access > ActivTrak Profile, Weekly Digest
    • Users & Groups > Groups
    • Blocking
    • Scheduling
    • Time Zone
    • Configurators can only be given limited access to Settings. Selecting the ‘Settings’ checkbox for the Configurator role enables access to the following tabs:
    • Power Users & Viewers cannot be given access to Settings.
    • Viewers cannot be given the ability to export data.
    • Alarms access is limited to Read-Only for Power Users, and cannot be given to Viewers.

Data Privacy Controls

While User Role permissions let you control which dashboards and features are accessible to users on your account, Data Privacy Controls impact the level of detail shown within dashboards and reports to ensure greater employee privacy. Enabling these controls hides specific detail of employees’ activity — including website and application title bars, detailed URLs, subpages, and images of employees’ screens — from all dashboards and reports. These controls are enabled at the account level and apply to all User Roles.

Admins can enable or disable Data Privacy Controls via the Data Privacy toggle in the upper left-hand corner of the Role Access page.

Note: Data Privacy Controls hide certain data points within reports, but they do not prevent the Agent from collecting and storing data. If the controls are disabled, these data points will populate retroactively in reports for the time period when the controls were enabled.

Data_Privacy_Toggle_on_Role_Access_Page.png

Date Filter Options

The Date Filter Options table on the Role Access page allows you to select the date filters available to users when filtering reports. Limiting filter options to shorter timeframes ensures faster report load times.

datefilteroptions.png

Inviting & Managing Users

From the left-hand navigation menu, select Settings > Access > App Access to reach the App Access page. Here, Admins can:

  • Invite new users to the account and assign User Roles
  • Change User Roles for existing users
  • Delete users
  • Change users' passwords
  • See and assign Viewable Groups (the Groups whose data a User can see)

To invite a new user to your account, click 'Add New ActivTrak ID' in the upper left-hand corner of the App Access page. Enter the user's name and email address, then select the User Role you want to assign.

While Admins and Configurators can view data for all Groups by default, Power Users and Viewers can only see their Viewable Groups' data. To assign or manage Viewable Groups, find the user's name in the App Access table, click the value that appears under 'Viewable Groups' in that row, then select the Groups that the user can view and/or set goals for (goal-setting only applies to Premium accounts).

Selecting 'All Users and Groups (current & future)' gives a user access to all existing Groups as well as Groups created at a later date.

Note: Users assigned a Power User or Viewer role will not see data populated in the account until they have been assigned a Viewable Group. For information on creating and managing Groups, see this article.

 

mceclip0.png

To delete or change a user's password, click the 3 dots in the far-right column of the row corresponding to the user. You must enter a user’s current password in order to change it.

Default User Role Settings

Feature_Matrix_-_Default_Role_Access_Settings_-_Apr_2022.png

Learn More:

Was this article helpful?

13 out of 19 found this helpful

Comments

No comments