Sift’s role-based access control enables you to give your team only the level of access they need. By assigning a user to a role, you can limit access to sensitive information and restrict the actions they can perform.
User roles are managed on the Team tab of the Account Settings page. You can assign users to one of 8 default roles designed to meet the needs of most teams with no customization required. For more complex organizations, you can also create custom roles and define the exact features of Sift that each user has access to.
To help you get up and running quickly, Sift includes 8 default roles with preset access.
Administrators have unrestricted access. At least one administrator is required per account.
Managers have full access to the Sift Console. They can create and edit Sift Workflows, investigate cases, make decisions, and access Sift Insights reporting. They can also add users and manage team preferences. However, managers cannot access the developer environment, add API keys, or edit payment information.
Analysts can run queries on users and create lists, review users in Review Queues and Escalation Queues, and make decisions. They can also view Workflow Metrics reports in Sift Insights.
Agents can run queries on users and create lists, review users in Review Queues, and make decisions.
Developers are able to set up, test, and measure the health of your Sift integration. They cannot view any customer data or apply decisions in production.
The view only role allows users to search for users by email, ID, and Order ID.
The billing role enables users to view Sift invoices and manage payment information.
Business analysts have view only access to users and can also access all Sift Insights reporting (except individual analyst performance reports).
In addition to the 8 default roles, we give you flexibility to define custom roles based on the way you operate. When you create a custom role, you can define access to Sift at the feature level. Below are the features you can toggle for each role.
- View Users
- Apply Decisions
- Use Explore - Create, edit, and view Lists in Explore
- Export Explore Lists
- View Review Queues
- View Escalation Queues
- View Analyst Performance
- View Business Analytics
- View Analyze Insights
- Export Insights Data
- Access Workflows
- Create Workflows
- Draft Workflow Edits
- Publish, Pause, and Disable Workflows
- View Workflow Metrics
- Access Decisions Configurations
- Manage Decisions Configurations - Create, edit, and delete Decisions
- Manage Workflow Lists - Create, publish, edit, and view Lists
- View Integration Status
- Modify Integration Suggestions
- View Logs
- Manage API Keys - Create, edit, disable, and view API keys
- Sandbox Mode - Access to all products, features, and actions in Sandbox
- Access Display Settings
- Edit Display Settings
- Access Team Members
- Manage Team Members - Invite and remove users or change their role or 2FA settings
- Manage Org Members
- View Roles
- Manage Roles
- View Invoices
- Manage Subscriptions
- Update Billing Info - Add payment details or edit billing contact
My users are configured as either Admins or Analysts. Do the new roles override my existing permission settings?
No. Our new role-based access control is backwards compatible. Admin and Analyst are still role types, so existing settings are unaffected.
Can I edit default roles?
No. Instead, create a copy of a default role, customize it, then disable the default role you’d like to replace.
Can I add users via the Organization Console?
Yes, both Team and Org roles can be edited within the new Sift Org Console. At this time, Sift Org Roles are limited to Default Roles.
Can I configure access for specific fields such as email or IP address?
No. We do not currently support field-level permissions. Please contact support and we’ll work with you to find a solution.
Can I control data access by team, region, etc.?
Yes, You can control access by setting Org Level Roles in your Org Console. Users can be limited to certain teams and roles at the Org level.