Roles
- What will I find in the "Roles and accesses" section?
- What types of roles exist in Sesame, and what are their characteristics?
- What are the Default General roles?
- What are the Default Specific roles?
- How can I create a role?
- How can I duplicate roles?
- How can I delete roles?
- How can I edit the "Basic information" of a role?
- How can I configure the "Access levels" of a role?
- What are Holders and how can I assign them?
- How can I assign roles if I manage a group of companies?
- What are Managed and how can I assign them?
- How can I see which groups or employees are managed by a role holder?
- What is “Data privacy” for?
- How do the roles granted through "Roles and Accesses" coexist with those granted by sections?
- What is the "Change history"?
- Why are there new roles in my account?
- How can I manage access to employee data?
- Do roles have default data privacy settings?
- What happened to my “Access levels” settings after the migration to “Data privacy”?
- What actions can each role perform?
What actions can each role perform?
As well as defining which modules each role can see, in Sesame, you can also control access to specific fields within those modules. This allows you to build a truly precise configuration, not just "can view the employee profile", but "can view the profile, but not the salary".
How does this work in practice? Imagine you have two roles: "Team Manager" and "HR Director". Both can access the employee profile, but only the HR Director can view and edit the salary field. The Team Manager will see the full profile, except for that piece of data.
For each field in each Sesame module, you can assign one of these 3 levels:
- No module access: the user has no access to the module and therefore to any of its fields.
- Read: the user can view the field but cannot edit it.
- Write: the user can view and edit the field.