Admin Refresh Experience: Absorb LMS Roles & Permissions Overview

Follow

This article provides information and guidance on a portion of the Absorb LMS Admin Experience that is now upgraded to the Admin Refresh Experience.

Please visit our Absorb Admin Refresh Checklist article for more details about what is available with the free Absorb Admin Experience upgrade.

Admin Roles & Permissions

Admin Refresh Experience


Table of Contents


Overview

A Role is a permission set provided to a User.  Roles grant access within the Admin Interface.  The Admin Interface is where you manage the administrative settings and functions of Absorb LMS.
 
This article will introduce you to the default system Roles, their permissions, and options available when creating a custom role and outlines what we refer to as "permission dependencies". 

Important Notes about Roles - Please Read

  • When selecting permission actions, remember that the Modify action must be paired with the View action for the Role to see and make changes.

  • When selecting permissions for a Role, enabling the General option alone will limit the Role’s ability to administer the identified section and may not provide enough access to fulfill their responsibilities. Be sure to pair other options along with it to tailor the administrative experience you want to permit. It is always a good practice to test the Role and verify it performs as intended.

  • When you enable the Admin Refresh experience for your environment, any role (default or custom) with Modify permission selected will grant all tile or section permissions.

  • We encourage you to create Custom Roles for your environment and not to use the default system Roles "as-is". Building new Roles configured to the different Admin-type personas needed for your use cases will help you ensure questions about access, permissions, and responsibilities are addressed prior to implementing workflows based on assumed Role settings.

  • Roles work in tandem with User Management, with the former determining WHAT an Admin can manage and the latter determining WHO they can manage.

For an in-depth review of changes introduces with the Admin Refresh to specific permissions, please check out Admin Refresh: Role Permission Changes.

 


System Default Roles

There are four (4) default Roles available, each focusing on a specific area within the Admin Interface. They are organized in descending order of responsibility in the table below:

Default Role Description
System Admin

System Admins are the owners of the Absorb LMS system at their organization. They generally are the primary contacts who work with the Absorb Client Services Teams (Onboarding, Support, and Client Success).  System Admins have the highest administrative privilege, with permission to view, build, modify, and delete content held within the Admin Interface. 

In addition to this, a System Admin also can configure global functionality within Setup > Portal Settings.

System Admin role will also bypass a number of restrictions that apply to other Admin roles including user management limitations, ability to modify any level of the admin account, and visibility of reporting generated by all users on the portal.

Admin Admins have access to the Admin Interface, with options to view, build, modify, and delete content per their Account level permission. This admin level does not have visibility to Setup > Portal Settings.
Instructor

Instructors have access to the Admin Interface but are limited to reports related to  Instructor-Led Courses (ILC).

Reporter Reporters have read-only access to view Reports in the Admin Interface.  Reporters cannot make changes to report data or other content.  Reporters will be able to use Report Actions from Saved Layouts, if accessible to them.

 

Keep in Mind:

  • Default Roles cannot be modified; however, you can easily duplicate any existing role and then make adjustments to the new version.

  • Additional Role permission option configuration may be necessary to use filters within reporting. For instance, the Administrator must have Categories or Departments (View and/or Modify) to filter by these fields in reporting. You can view a chart that compares the permissions of these roles here.

  • Admins must have Generated Reports in their Role, in order to export data to Excel or CSV on any Administration page or Report page. 

Duplicate & Customize Default Roles

System Default Roles can easily be duplicated and modified to create custom roles.   Click the checkbox next to the name of the Role to select, then click the Duplicate Role button from the context menu.

AR-Roles-Duplicate.jpg

Important Note about Duplicate Roles

All default admin roles mentioned above include built-in permissions that do not appear in the permissions checklist. These built-in permissions are only visible using the Permissions Overview button on the User Profile > Account once a role has been added. Any subsequent duplicates of a default role/duplicate will continue to carry on these hidden permissions.

For example, the Instructor toggle grants these permissions:  

  • Contact Us
  • ILC Activity
  • Report
  • ILC Grades Report
  • ILC Waitlist Report
  • ILC Sessions Report
  • Session Approval

These permissions are not visible in the permission overview on the User's Profile.

Additional Default Roles

Your Absorb LMS portal will present additional Default Roles if other products or services have been purchases. Please refer to your Account Manager for more information regarding getting these additional features turned on in your LMS.

Product Additional Default Role
Absorb Inform Service Business Intelligence Viewer
Absorb Create LI Create Editor
Salesforce.com Integration Salesforce Enrollment Admin

 


Custom Roles

System Admins and Admins with  Role (View and Modify) in their permissions can create customized Admin Roles to provide permission to specific areas of the Admin Interface. This can be useful for filling a niche where the pre-built roles just don't meet your organization's needs.

Custom roles can be created by selecting the Add New Role option from the Roles administration page or can be created by editing a duplicated role as noted above.

There are a wide variety of permissions available.  Custom roles can be built by allowing an Admin to View and Modify features in the LMS.  These two permissions recur frequently throughout the permissions categories. 

Custom Roles offer the following actions for permission access:

Action Description
View
Permits Admin to view reports without access to edit records.
  • Selecting View will enable the Admin to view data without any access to edit the data.
Modify
Permits Admin full access to add and edit records. 
  • Selecting Modify will enable Admins full access to add, edit and delete data (unless Delete is a separate option). 
Delete Permits Admin to delete records.

 


Role Permissions

When selecting permissions for the Role, you will choose View, Modify, Delete, or a combination of all actions for the following areas of the Admin Interface.

Note: You will only be able to edit Users that have a Role with equal or fewer permissions than your own.

 

Permission Category Details
Courses

This set of permissions determine the Role's access to the Courses section and the reports within. 

  • Instructor-Led Courses (ILCs)
  • Online Courses
  • Course Bundles
  • Curricula
  • Enrollments
  • Venues
  • Resources
  • Categories
  • Competencies
  • Rating
  • Comments
  • External Training
  • Course Uploads
  • Question Banks


Each Course Type allows you to select specific permission options.  This allows for unique roles that may be required to edit a specific training, but only a particular aspect of the training.

For example,  if your Organization has Instructional Designers who need to upload eLearning courses directly into the LMS, the System Admin could create a Custom Role to only allow View and Modify Online Courses with the General and Syllabus sections selected only. 

More configurations are available for Instructor-Led Courses (ILCs) Sessions, allowing you to create Custom Roles that allow different levels of access between the ILC and the Session. For instance, the Custom Role could be designed so that the Admin can manage sessions and maybe only view the ILC it is attached to.

Users

This set of permissions determine the Role's access to the Users section and the reports within. 

  • Users*
  • Roles
  • Departments
  • Groups
  • Enrollment Keys

*The Users sub-section provides additional options to restrict certain functionality for security purposes:

  • Manage Administrators: Permits Role to configure User Profile < Account settings.

  • View Profile Fields: Determines which custom fields the Role can see in Portal Settings >Custom Fields.

  • Allow Impersonate: Permits the Role to access a User's Learner Experience portal as if they were the original User.

  • Delete: Permits the Role to permanently delete Users from the system.
    Note: Users (and their associated enrollments) removed using this method are permanently removed from the LMS and cannot be recovered.
Absorb Engage*

This set of permissions determines the Role's access to the Absorb Engage section and the reports within.

  • News Articles
  • Billboards
  • Polls
  • Leaderboards
  • Collaborations

Note: Absorb Engage must be enabled in your environment for these options to be available.

Manage

This set of permissions determine the Role's access to specific Reports available in the Setup section. 

  • Message Templates
  • Tags
  • Files
  • Translations
  • FAQs
E-Commerce*

This set of permissions determine the Role's access to the E-Commerce section and the reports within.

  • Transactions
  • Coupons

Note: E-Commerce must be enabled in your environment for these options to be available.

Reports

This set of permissions determine the Role's access to the Reports section and the reports within.

  • All Reports
Special
  • Inform*
  • View Product Notifications
  • Contact Us

*Absorb Inform must be enabled in your environment for this option to be available.

 


Role Dependencies

While you can create custom roles with your desired sets of permissions, it should be noted that some permissions will be dependent on others in order to work effectively. Careful thought (as well as some follow-up testing) should be given to your custom roles to ensure you have accounted for all necessary permissions. Since you are unable to Impersonate a User and access their Admin portal, a temporary test User may need to be created in order to ensure you have designed your roles as expected. A few considerations:

  • In order to Modify anything in the LMS, you must also be able to View it.

  • Several reports rely on basic view access for users or certain course types. For example, enabling access to the Course Activity report will get you as far as navigating to the report itself.
    To see any records on this report you would also need to enable view access for online courses. The same goes for something like view access for users when granting access to the Learner Activity report.

  • In order for Admins to be able to filter reports by Departments, their Role must include Department (View and/or Modify)

  • In order for Admins to be able to filter reports by Categories, their Role must include Categories (View and/or Modify)

  • The Admin's Role must have both Enrollments (Modify and/or Enroll Anyone) and the Course Activity Report to be able to edit Enrollments. 

  • In order for Admins to export data into CSV or Excel on Administration pages or within Reporting, they must have Generated Reports selected.

 


User Profile Account Settings & Roles

Important Note: The User's Settings > Account Section options do not grant System Admin access or permissions. It is a means to identify Users who are eligible to receive system Admin Roles. 

AR-User-Profile-Account-Section.jpg

 

Instructor Permissions

The Instructor Role is a default system role that is not available from the Roles report page.  This is managed at the User Profile > Account section. 

When the Instructor toggle button is enabled (turned ON), at the User Profile, the Instructor Role is immediately applied to the profile.  This will provide the User will the permissions within the default Instructor Role. 

A User with the User Profile > Account settings seen above has access to the Admin Interface but is limited to only viewing ILC Sessions where they are listed as the Instructor.

 

 

Published on
Have more questions? Submit a request

0 Comments

Article is closed for comments.