Assign standard roles

Updated

Account Admins grant team members access to workspaces by assigning them workspace-level roles. A standard role comes with a defined set of permissions. To create roles with custom permission sets, check out Custom roles.

Overview

You can assign standard roles to team members from Workspace Settings or from Account Settings > Team Members.

A workspace-level role controls the set of permissions a team member has in a single workspace. We offer three standard roles:

  • Workspace Admin (full access)
  • Author (partial access)
  • Viewer (view-only access)

When you assign Author or Viewer roles, you choose whether to limit their access to sensitive data. This helps you keep your account as secure as possible.

Remember that before you specify workspace-level persmissions, you have to choose an account-level permission: Account Admin or Member. Account Admins are always Workspace Admins in every workspace. This ensures Account Admins have full rights across each of your workspaces. Members can have different workspace-level roles for each workspace they have access to.

Workspace Admin

Workspace Admins have full access to all settings and features in a workspace. This is the only workspace-level role that can:

  • Import or export user data
  • Manage integrations
  • Create, edit, or delete collections
  • Mark attributes as sensitive in the Data Index and hide them from Authors or Viewers

They cannot create or delete workspaces; only Account Admins can.

Author

Authors have partial access to workspace settings and features. They can manage some features like content and campaigns, but only view others like collections.

Account and Workspace Admins can decide whether to hide sensitive attribute data from authors.

 Authors with sensitive data hidden can’t edit people

Authors with sensitive data hidden have the same functionality as authors who can view all data, with one exception: they can’t edit people.

Viewer

Viewers have no access to workspace settings and partial access to workspace features. They have view-only permissions to all workflows, content, and data in a workspace.

Account and Workspace Admins can decide whether to hide sensitive attribute data from viewers.

Compare permissions across standard roles

Workspace settings

PermissionWorkspace
Admin		AuthorViewer
General Workspace Settings
Viewcheck_circlecheck_circlehighlight_off
Updatecheck_circlehighlight_offhighlight_off
Messaging Settings
Viewcheck_circlecheck_circlehighlight_off
Updatecheck_circlecheck_circlehighlight_off
Email Suppression List
Viewcheck_circlecheck_circlehighlight_off
Unsuppresscheck_circlehighlight_offhighlight_off
Exportcheck_circlehighlight_offhighlight_off
Language Settings
Viewcheck_circlecheck_circlehighlight_off
Updatecheck_circlecheck_circlehighlight_off
Merge Options
Viewcheck_circlecheck_circlehighlight_off
Updatecheck_circlehighlight_offhighlight_off
Message Limit
Viewcheck_circlecheck_circlehighlight_off
Updatecheck_circlecheck_circlehighlight_off
Subscription Center
Viewcheck_circlecheck_circlehighlight_off
Updatecheck_circlecheck_circlehighlight_off
Time Zone Match
Testcheck_circlecheck_circlehighlight_off
URL Parameters
Viewcheck_circlecheck_circlehighlight_off
Updatecheck_circlecheck_circlehighlight_off

Journeys

PermissionWorkspace
Admin		AuthorViewer
Send messagescheck_circlecheck_circlehighlight_off
Campaigns
Createcheck_circlecheck_circlehighlight_off
Viewcheck_circlecheck_circlecheck_circle
Updatecheck_circlecheck_circlehighlight_off
Deletecheck_circlecheck_circlehighlight_off
Assign/Unassign Tagscheck_circlecheck_circlehighlight_off
Broadcasts
Createcheck_circlecheck_circlehighlight_off
Viewcheck_circlecheck_circlecheck_circle
Updatecheck_circlecheck_circlehighlight_off
Deletecheck_circlecheck_circlehighlight_off
Assign/Unassign Tagscheck_circlecheck_circlehighlight_off
Transactional Messages
Createcheck_circlecheck_circlehighlight_off
Viewcheck_circlecheck_circlecheck_circle
Updatecheck_circlecheck_circlehighlight_off
Deletecheck_circlecheck_circlehighlight_off
Assign/Unassign Tagscheck_circlecheck_circlehighlight_off
Deliveries & Drafts
Viewcheck_circlecheck_circlecheck_circle
People
Createcheck_circlehighlight_offhighlight_off
Viewcheck_circlecheck_circlecheck_circle
Update1check_circlecheck_circle1highlight_off
Deletecheck_circlehighlight_offhighlight_off
Object Types
Createcheck_circlehighlight_offhighlight_off
Viewcheck_circlecheck_circlecheck_circle
Updatecheck_circlehighlight_offhighlight_off
Deletecheck_circlehighlight_offhighlight_off
Objects and Relationships
Createcheck_circlecheck_circlehighlight_off
Viewcheck_circlecheck_circlecheck_circle
Updatecheck_circlecheck_circlehighlight_off
Deletecheck_circlecheck_circlehighlight_off
Segments
Createcheck_circlecheck_circlehighlight_off
Viewcheck_circlecheck_circlecheck_circle
Updatecheck_circlecheck_circlehighlight_off
Deletecheck_circlecheck_circlehighlight_off
Import CSVcheck_circlecheck_circlehighlight_off
Assign/Unassign Tagscheck_circlecheck_circlehighlight_off
Ad Audiences
Createcheck_circlecheck_circlehighlight_off
Viewcheck_circlecheck_circlecheck_circle
Deletecheck_circlecheck_circlehighlight_off
Integratecheck_circlehighlight_offhighlight_off
Pausecheck_circlecheck_circlehighlight_off
Resumecheck_circlecheck_circlehighlight_off
Assign/Unassign Tagscheck_circlecheck_circlehighlight_off
Activity Logs
Viewcheck_circlecheck_circlecheck_circle
Data Index
Viewcheck_circlecheck_circlecheck_circle
Update attribute descriptionscheck_circlehighlight_offhighlight_off
Exportcheck_circlehighlight_offhighlight_off
Tags in the data index
Createcheck_circlecheck_circlehighlight_off
Updatecheck_circlecheck_circlehighlight_off
Deletecheck_circlecheck_circlehighlight_off
Assigncheck_circlehighlight_offhighlight_off
Removecheck_circlehighlight_offhighlight_off
Integrations
Createcheck_circlehighlight_offhighlight_off
Viewcheck_circlehighlight_offhighlight_off
Updatecheck_circlehighlight_offhighlight_off
Deletecheck_circlehighlight_offhighlight_off
Data Import/Export
Importcheck_circlehighlight_offhighlight_off
Exportcheck_circlehighlight_offhighlight_off
Message Library
Viewcheck_circlecheck_circlecheck_circle
Assets
Viewcheck_circlecheck_circlecheck_circle
Deletecheck_circlecheck_circlehighlight_off
Uploadcheck_circlecheck_circlehighlight_off
Email Layouts
Createcheck_circlecheck_circlehighlight_off
Viewcheck_circlecheck_circlecheck_circle
Updatecheck_circlecheck_circlehighlight_off
Deletecheck_circlecheck_circlehighlight_off
In-app Message Library
Viewcheck_circlecheck_circlecheck_circle
Snippets
Createcheck_circlecheck_circlehighlight_off
Viewcheck_circlecheck_circlecheck_circle
Updatecheck_circlecheck_circlehighlight_off
Deletecheck_circlecheck_circlehighlight_off
Collections
Createcheck_circlehighlight_offhighlight_off
Viewcheck_circlecheck_circlecheck_circle
Updatecheck_circlehighlight_offhighlight_off
Deletecheck_circlehighlight_offhighlight_off
Design Studio - Styles
Viewcheck_circlecheck_circlecheck_circle
Createcheck_circlecheck_circlehighlight_off
Updatecheck_circlecheck_circlehighlight_off
Deletecheck_circlecheck_circlehighlight_off
Design Studio - Files
Viewcheck_circlecheck_circlecheck_circle
Exportcheck_circlecheck_circlecheck_circle
Createcheck_circlecheck_circlehighlight_off
Updatecheck_circlecheck_circlehighlight_off
Deletecheck_circlecheck_circlehighlight_off
Design Studio - Feedback
Feedback modecheck_circlecheck_circlecheck_circle
1Authors with sensitive attributes hidden cannot edit people

Hide sensitive attributes

Premium This feature is available for Premium plans. Enterprise This feature is available for Enterprise plans.

If you’re on a Premium or Enterprise plan, then Account and Workspace Admins can mark profile attributes as “sensitive” in the Data Index and decide whether to hide this data from team members. This redacts values but not attribute names from the workspace.

Mark attributes as sensitive

Account admins and workspace admins can mark profile attributes as sensitive in the Data Index. This redacts values but not attributes names from the workspace and helps ensure data privacy across team members. If you have a custom role that includes the Edit permission for the Data Index, you can also mark attributes as sensitive.

The index also includes events, objects, and relationship attributes; however, you can only mark profile attributes as sensitive at this time. If an event attribute has the same name as a profile attribute marked as sensitive, those event values will also be redacted.

  1. In the Attributes tab, click an attribute.
  2. Click Edit in the panel.
  3. Click “Make sensitive.” To unhide sensitive attributes, select the box to uncheck it.

     Not seeing Make sensitive?

    Check that you’re an Account Admin or Workspace Admin in Team Members. If you are, then check whether you’re on a Premium or Enterprise plan or reach out to someone with billing access. Otherwise, you’ll have to upgrade for access.

  4. Click Save.
  5. Next, assign “Hide sensitive attributes” to team members.

Choose “Hide sensitive attributes” when assigning standard roles

After an admin marks attributes as sensitive in the Data Index, they must update Authors or Viewers so they can’t view these sensitive attributes:

  1. Go to Workspace Settings.
  2. Scroll to the bottom section “Who should have access?”
  3. Change the dropdown from “Show all attributes” to “Hide sensitive attributes” for each team member.

If you’re an Account Admin, you can also assign this from Team Members:

  1. Under Workspace level permissions, specify Author or Viewer for workspaces.
    team-member-hide-sensitive.png
    team-member-hide-sensitive.png
  2. Choose Hide sensitive attributes from the dropdown.
  3. Save or invite your team member.

These team members will now see values redacted for sensitive attributes. If they send test messages or webhooks from your workspace, those messages and responses will also contain redacted values.

 Authors with sensitive data hidden can’t edit people

Authors with sensitive data hidden have the same functionality as Authors who can view all data, with one exception: they can’t edit people.

 Do you see the option Hide all attributes?

If so, this is a legacy feature and you can learn more about how this limits authors access to data and functionality.

Copied to clipboard!
  Contents