Managed by | Updated .
Each user should have a minimum of 2 roles assigned. The roles should separate the permission sets from the resources. Configure roles with permission sets rather than configuring everything directly on the individual user account.
- One role defines the set of resources available (e.g. collections, profiles, licences)
- One role defines the set of permissions (e.g. access to all the analytics and reporting functions)
This allows the same resource permission to be assigned to all users from the same organisation, and then layer on top the permissions sets appropriate for a user.