We are excited to announce the availability of user permissions for the server-side products. This new feature allows account owners to manage server-side user permissions separately from the user permissions that are controlled in Tealium iQ Tag Management.
Server-side user permissions creates a separation of access between the Tealium client-side interface and the server-side interface. This allows account administrators to grant access to users only for the areas that they intend to work on.
New users for the entire account are still added in Tealium iQ Tag Management. Once added, the new users appear in the server-side user permissions list where server-side access is granted by profile.
Server-side access is controlled using predefined permission roles. For each profile in the account, users are assigned a permission role to determine their access level.
The following table describes the four (4) available server-side permission roles:
|No Access (default)||
Prior to this release, access to the server-side products was managed from iQ Tag Management. From there, a user with permission to publish to the production (prod) environment had full save and publish permissions in the corresponding server-side products. In order not to disrupt user access to the server-side, a migration policy was applied to map client-side user permissions to server-side permissions.
With this release, your server-side account is pre-populated with users from your corresponding iQ Tag Management account. During migration your client-side users were placed into the following server-side permission groups:
|Client-Side Permissions||Migrated Server-Side Permissions|
|Manage Account and Manage Users||
|Publish to Prod||
All other users will have read access.
Admins of the server-side interface are the only users that have the ability to change the permissions of server-side users. None of the server-side permission roles grant this ability.
To be an admin on the server-side, you must have the Manage Account permission in the client-side interface.
Only the Manage Users permission grants the ability to add users to the account. To learn more about managing user permission in Tealium iQ Tag Management, see Managing User Permissions in iQ Tag Management.
For step-by-step instruction on how to get started, go to Managing Server-Side Permissions.
Hi @Giadanoe , Good question. If you don't grant any permissions in iQ the user will have read-only access to iQ. If you don't want the user to have read-access to iQ, then yes, you have to delete the user from iQ. This will not affect server-side permissions.