This article provides information and guidance on a portion of the Absorb LMS Admin Experience that is now upgraded to the Admin Refresh Experience.
Please visit our Absorb Admin Refresh Checklist article for more details about what is available with the free Absorb Admin Experience upgrade.
Admin Roles & Permissions
Admin Refresh Experience
Table of Contents
- Important Notes about Roles - Please Read
- System Default Roles
- Custom Roles
- Role Dependencies
- User Profile Account Settings & Roles
Important Notes about Roles - Please Read
- When selecting permission actions, remember that the Modify action must be paired with the View action for the Role to see and make changes.
- When selecting permissions for a Role, enabling the General option alone will limit the Role’s ability to administer the identified section and may not provide enough access to fulfill their responsibilities. Be sure to pair other options along with it to tailor the administrative experience you want to permit. It is always a good practice to test the Role and verify it performs as intended.
- Any role (default or custom) with Modify permission selected will grant all tile or section permissions.
We encourage you to create Custom Roles for your environment and not to use the default system Roles "as-is". Building new Roles configured to the different Admin-type personas needed for your use cases will help you ensure questions about access, permissions, and responsibilities are addressed prior to implementing workflows based on assumed Role settings.
- Roles work in tandem with User Management, with the former determining WHAT an Admin can manage and the latter determining WHO they can manage.
- Admins can only edit other Admin Users if the Admin has equal or more security set up on their Role, than the Admin User they are trying to edit.
For an in-depth review of changes introduces with the Admin Refresh to specific permissions, please check out Admin Refresh: Role Permission Changes.
System Default Roles
There are four (4) default Roles available, each focusing on a specific area within the Admin Interface. They are organized in descending order of responsibility in the table below:
System Admins are the owners of the Absorb LMS system at their organization. They generally are the primary contacts who work with the Absorb Client Services Teams (Onboarding, Support, and Client Success). System Admins have the highest administrative privilege, with permission to view, build, modify, and delete content held within the Admin Interface.
In addition to this, a System Admin also can configure global functionality within Setup > Portal Settings.
System Admin role will also bypass a number of restrictions that apply to other Admin roles including user management limitations, ability to modify any level of the admin account, and visibility of reporting generated by all users on the portal.
|Admin||Admins have access to the Admin Interface, with options to view, build, modify, and delete content per their Account level permission. This admin level does not have visibility to Setup > Portal Settings.|
Instructors have access to the Admin Interface but are limited to reports related to Instructor-Led Courses (ILC).
|Reporter||Reporters have read-only access to view Reports in the Admin Interface. Reporters cannot make changes to report data or other content. Reporters will be able to use Report Actions from Saved Layouts, if accessible to them.|
Keep in Mind:
- Default Roles cannot be modified; however, you can easily duplicate any existing role and then make adjustments to the new version.
- Additional Role permission option configuration may be necessary to use filters within reporting. For instance, the Administrator must have Categories or Departments (View and/or Modify) to filter by these fields in reporting. You can view a chart that compares the permissions of these roles here.
- Admins must have Generated Reports in their Role, in order to export data to Excel or CSV on any Administration page or Report page.
Duplicate & Customize Default Roles
System Default Roles can easily be duplicated and modified to create custom roles. Click the checkbox next to the name of the Role to select, then click the Duplicate Role button from the context menu.
Important Note about Duplicate Roles
All default admin roles mentioned above include built-in permissions that do not appear in the permissions checklist. These built-in permissions are only visible using the Permissions Overview button on the User Profile > Account once a role has been added. Any subsequent duplicates of a default role/duplicate will continue to carry on these hidden permissions.
For example, the Instructor toggle grants these permissions:
- Contact Us
- ILC Activity
- ILC Grades Report
- ILC Waitlist Report
- ILC Sessions Report
- Session Approval
These permissions are not visible in the permission overview on the User's Profile.
Additional Default Roles
Your Absorb LMS portal will present additional Default Roles if other products or services have been purchases. Please refer to your Account Manager for more information regarding getting these additional features turned on in your LMS.
|Product||Additional Default Role|
|Absorb Inform Service||Business Intelligence Viewer|
|Absorb Create LI||Create Editor|
|Salesforce.com Integration||Salesforce Enrollment Admin|
System Admins and Admins with Role (View and Modify) in their permissions can create customized Admin Roles to provide permission to specific areas of the Admin Interface. This can be useful for filling a niche where the pre-built roles just don't meet your organization's needs.
Custom roles can be created by selecting the Add New Role option from the Roles administration page or can be created by editing a duplicated role as noted above.
There are a wide variety of permissions available. Custom roles can be built by allowing an Admin to View and Modify features in the LMS. These two permissions recur frequently throughout the permissions categories.
Custom Roles offer the following actions for permission access:
Permits Admin to view reports without access to edit records.
Permits Admin full access to add and edit records.
|Delete||Permits Admin to delete records.|
When selecting permissions for the Role, you will choose View, Modify, Delete, or a combination of all actions for the following areas of the Admin Interface.
Note: You will only be able to edit Users that have a Role with equal or fewer permissions than your own.
This set of permissions determine the Role's access to the Courses section and the reports within.
More configurations are available for Instructor-Led Courses (ILCs) Sessions, allowing you to create Custom Roles that allow different levels of access between the ILC and the Session. For instance, the Custom Role could be designed so that the Admin can manage sessions and maybe only view the ILC it is attached to.
This set of permissions determine the Role's access to the Users section and the reports within.
*The Users sub-section provides additional options to restrict certain functionality for security purposes:
This set of permissions determines the Role's access to the Absorb Engage section and the reports within.
Note: Absorb Engage must be enabled in your environment for these options to be available.
This set of permissions determine the Role's access to specific Reports available in the Setup section.
This set of permissions determine the Role's access to the E-Commerce section and the reports within.
Note: E-Commerce must be enabled in your environment for these options to be available.
This set of permissions determine the Role's access to the Reports section and the reports within.
*Absorb Inform must be enabled in your environment for this option to be available.
While you can create custom roles with your desired sets of permissions, it should be noted that some permissions will be dependent on others in order to work effectively. Careful thought (as well as some follow-up testing) should be given to your custom roles to ensure you have accounted for all necessary permissions. Since you are unable to Impersonate a User and access their Admin portal, a temporary test User may need to be created in order to ensure you have designed your roles as expected. A few considerations:
- In order to Modify anything in the LMS, you must also be able to View it.
- Several reports rely on basic view access for users or certain course types. For example, enabling access to the Course Activity report will get you as far as navigating to the report itself.
To see any records on this report you would also need to enable view access for online courses. The same goes for something like view access for users when granting access to the Learner Activity report.
- In order for Admins to be able to filter reports by Departments, their Role must include Department (View and/or Modify).
- In order for Admins to be able to filter reports by Categories, their Role must include Categories (View and/or Modify).
- The Admin's Role must have both Enrollments (Modify and/or Enroll Anyone) and the Course Activity Report to be able to edit Enrollments.
- In order for Admins to export data into CSV or Excel on Administration pages or within Reporting, they must have Generated Reports selected.
User Profile Account Settings & Roles
Important Note: The User's Settings > Account Section options do not grant System Admin access or permissions. It is a means to identify Users who are eligible to receive system Admin Roles.
The Instructor Role is a default system role that is not available from the Roles report page. This is managed at the User Profile > Account section.
When the Instructor toggle button is enabled (turned ON), at the User Profile, the Instructor Role is immediately applied to the profile. This will provide the User will the permissions within the default Instructor Role.
A User with the User Profile > Account settings seen above has access to the Admin Interface but is limited to only viewing ILC Sessions where they are listed as the Instructor.