Tikit provides role-based access control (RBAC) to enforce authorization in both the web and Teams apps. There are several app roles available: Administrators, Analysts, and Users. Administrators can manage Application Roles to control which users or groups have access to Tikit.
To access and manage Security settings:
- Open the Tikit web app at https://web.tikit.ai.
- Once in the Tikit web app, select the settings gear in the header, then select Security.
- Add Mapped Role Add a new mapped role to the selected app role.
- Application Roles A list of available app roles and the number of mapped roles. Select an app role to manage its mapped roles.
- Mapped Roles The currently mapped roles for the selected app role.
- Delete Mapped Role Select to delete a mapped role.
There are several Tikit app roles available: Administrators, Super Agents, Agents, Knowledge Agents, and Users. App role permissions are cumulative, meaning that users start with a very limited set of permissions and admins add permissions as needed. If a user is not mapped to a role, like an end-user who only interacts with Tikit Virtual Agent, then they only have access to submit and view their own requests.
Users can be either directly or indirectly mapped to an app role in Tikit. To make it easier for admins to manage app roles, there are a few different methods for mapping a user to an app role, App role membership is determined by:
- A user is directly mapped to a role.
- A user is a member of a group mapped to a role.
- A user is a member of an Office 365 Group with a matching app role name (e.g, Administrators, Analysts, or Users groups).
- For example, if the user AdeleV is a member of a Office 365 Group named Users then they will automatically be a member of the Users app role.
Multiple users and groups can be assigned to an app role from the Security page. Note that managing app roles requires the current user is mapped to the Administrators role.
To add a mapped role in the Tikit Web App:
The Administrators role has access to all Settings, Configurations, Views, Actions, and Functions.
By default, the user that provisioned Tikit is mapped to the Administrators role.
The Super Agent role has access to create, read, and update Views but cannot delete them.
Required for Tikit Teams App access.
It has no default mapped roles. When an Administrator installs Tikit to a team in MS Teams, Tikit will map that Team's associated AD group to the Super Agent role.
|Agent||Agents can manage Tickets and Tags.|
|Knowledge Agents||Knowledge Agents can manage knowledge (entries, linkage to templates, synonyms)|
The Users role has read-only permissions to Views.
It has no default mapped roles.
- In the Add Mapped Role form, search for and select users and groups to be mapped. Users are listed by username and groups are displayed by name.
- Select Save to finish mapping roles.
Managing mapped roles includes both adding and removing mapped roles in the Security page. Note that managing app roles requires the current user is mapped to the Administrators role.
To delete a mapped role in the Tikit Web App:
- Open Settings > Security to manage Security settings.
- Under Application Roles, select an app role to manage, then find and select the delete button for a mapped role and select Delete to confirm.
Note that this will permanently delete the mapped role, but the user or group can be assigned to the app role again to recreate the mapped role.