We are excited to announce the availability of user permissions for the server-side products. This new feature allows account owners to manage server-side user permissions separately from the user permissions that are controlled in Tealium iQ Tag Management.
How it Works
Server-side user permissions creates a separation of access between the Tealium client-side interface and the server-side interface. This allows account administrators to grant access to users only for the areas that they intend to work on.
New users for the entire account are still added in Tealium iQ Tag Management. Once added, the new users appear in the server-side user permissions list where server-side access is granted by profile.
Additional features include the ability to add and edit users in bulk (up to 25 users at a time) and the ability to search user profiles and filter users by permission type.
Server-Side Permission Roles
Server-side access is controlled using predefined permission roles. For each profile in the account, users are assigned a permission role to determine their access level.
The following table describes the four (4) available server-side permission roles:
No Access (default)
The No Access permission role does not grant any access to the server-side profile.
If the user attempts to access the server-side, their profile is blocked and an "Access Denied" message displays.
The Reader permission grants read-only access to the server-side profile.
A user in this role can browse the profile configuration, but the Save/Publish button is disabled. Users with this role cannot save any changes.
The Editor permission grants edit and save access to the server-side profile.
Users with this role can also access and edit settings from the Profile Admin > Settings menu.
The Publisher permission grants the same access as the Editor role, with the addition of the ability to publish the profile.
User Migration from iQ Tag Management
Prior to this release, access to the server-side products was managed from iQ Tag Management. From there, a user with permission to publish to the production (prod) environment had full save and publish permissions in the corresponding server-side products. In order not to disrupt user access to the server-side, a migration policy was applied to map client-side user permissions to server-side permissions.
With this release, your server-side account is pre-populated with users from your corresponding iQ Tag Management account. During migration your client-side users were placed into the following server-side permission groups:
Migrated Server-Side Permissions
Manage Account and Manage Users
Administrator Has full access to the account, including the ability to edit server-side user permissions and add users. Cannot be edited.
Publish to Prod
Publisher Has the ability to save and publish.
All other users will have read access.
Admins of the server-side interface are the only users that have the ability to change the permissions of server-side users. None of the server-side permission roles grant this ability.
To be an admin on the server-side, you must have the Manage Account permission in the client-side interface.