PDQ Connect supports the use of Role-Based Access Control (RBAC) to limit user permissions based on predefined roles. RBAC allows administrators to enhance security and control by ensuring that users only have access to the resources they need.
To access the settings for Role-Based Access Control in PDQ Connect, click the gear icon located at the bottom left of the PDQ Connect interface. This will take you to the Teammates tab of the Settings page where user roles may be viewed and assigned.
The Teammates tab contains a list of all users with access to your PDQ Connect organization along with their existing user role as seen in the Role column. To change a user’s role, click the down arrow to the right of their role and select a new role from the drop-down list.
PDQ Connect has two preconfigured roles: Admin and Member.
- The Admin role has access to the full capabilities of Connect, including the ability to create groups, deployments, automations, and manage other users.
- The Member role has the same capabilities as the Admin role but cannot invite additional users or manage user permissions.
- The built-in user roles cannot be deleted or edited.
- The user who initially signs up for Connect will be granted the role of Admin.
- Users added in the future will be assigned the Member role by default.
- The default role assigned to new teammates may be changed under the Roles tab of the Settings page.
- Only users with the Admin role can change another users role.
- Users with the Admin role cannot change their own role. But they can change the role of other Admins.
- To "demote" an Admin, grant another user the Admin role who will then change the previous Admin's role.
The Roles tab of the Settings page displays all user roles currently available in PDQ Connect. Both default roles will be seen here in addition to any custom roles created by administrators. Custom roles will be listed as such under the "Type" column, while the two built-in roles will be labeled as "PDQ."
The Name column displays the friendly name of each role along with the designated default user role, noted by the blue "Default" icon. The default role is the initial role assigned to any teammate invited to join a PDQ Connect organization. Any role can be set as the default.
To edit, delete, or set a role as the default, click on the vertical ellipsis located on the right side of the row for that role.
To Create a new Role, use the "Create role" button at the top right of the page. This will present a popup with options to name the new role and configure its permissions. The options shown when creating a new role are identical to those available when editing an existing one.
Below is a complete list of the available permissions available in PDQ Connect for Role-Based Access Control, along with a brief description what each permission does. All permissions may be enabled or disabled based with the exception of Manage Teammates, which is reserved for the Admin role.