This article describes the unified platform permissions system.
Platform Permissions is in GA for new customers and in EEA (Expanded Early Access) for select customers. If you are interested in trying this feature or need to migrate from EA to EEA, contact your customer success manager. For more information, see the project rollout plan.
How it works
Tealium provides a unified permissions system that lets you to manage user access to your account and profiles through permission groups and admin roles.
A permission group defines a set of product access levels for the profiles in your account. Users in a group inherit those permissions for the associated profiles, which simplifies managing permissions for a large number of users and profiles.
Client-side profiles are separate from server-side profiles, but a single permission group can grant access to both.
An admin role grants access to features and settings that affect the entire account. A user with an admin role receives those permissions regardless of their permission group membership, which makes it easier for you to delegate management of your account to specific users. Users without admin roles receive only the access to the account they obtain through their membership in permission groups.
New user activation
When you invite users to your account, they receive an email to activate their account. After a user activates their account, add them to a permission group with the appropriate profile and product feature access. You can add a user to multiple permission groups to grant the user greater access to the profiles, such as publishing rights.
Dynamic user interface
The interface changes based on the user’s permissions:
If a user does not have access to a product, that product does not appear in the navigation.
If a user has access to some features, but not others, they see only the features they can access in the navigation.
If a user does not have edit permission for a feature, the Edit button does not appear on pages for that feature.
The method you use to set up your account, users, and permissions structure will differ depending on your organization’s size and complexity.
The following steps list one possible strategy to organize the initial access to your account:
Determine the users and teams that will need access to your Tealium account.
Organize the users into groups based on their job responsibilities and the access they need for your account’s profiles and Tealium features.
Create permission groups with the necessary access to profiles and features based on the groups you came up with in Step 2.
Users - Invite new users and manage existing users in the account.
On EA and EEA accounts, the Manage Permissions screen also displays the Permissions Enforcement status on the account. Permissions Enforcement disables the legacy permissions system for an account and enables platform permissions. This setting is available for only EA and EEA accounts as part of their migration plan; it is not available for GA accounts.