The Roles page enables you to create and manage the roles associated with your account. This functionality is available to Admins (or to any role that has the appropriate permissions).
A Role consists of a set of permissions. Once a role created, it can be assigned to individual users, enabling them to access the OneSpan Sign functionality they need.
If you are looking to migrate the roles and permissions that you defined in your Sandbox account to your Production account, OneSpan Sign has created a small Java application that can do this for you. For more information, see our Roles and Permissions Copy Tool.
To access the Roles page:
- Click Admin > Roles.
The Roles page displays the following columns:
- Role Name: Displays a list of all roles associated with the account.
- Description: Provides a brief description of each role.
- Status: Displays the role's current account status, such as Enabled or Disabled. A role that is disabled cannot be added to a user.
You can perform the following actions from the Roles page. Note that some of these actions can be performed only on the roles that you added to the account.
OneSpan Sign supports several predefined roles that cannot be modified or deleted (Manager, Admin, Sender, Notary, OneSpan Trust Vault (Compliance Vault) Manager). It also supports an unlimited number of customized roles. On the Roles page: (1) a globe icon appears next to a global role ; (2) a globe icon with a superimposed lock appears next to a predefined role; (3) no icon appears next to a customized local role.
If Enterprise Administration has been enabled for your account a Manager will not be able to assign a delegate for any of their senders.
To search for a role associated with your account:
- Type the name of the role in the Search box, and click Return. As you type, the list of roles will filter to those that match your search term.
To add a new role to your account:
- Click Add, and type the role's name and description. You can also specify if the role is to be immediately enabled.
- Click Add Permissions. A list of all possible permissions appears.
- Select all the permissions you wish to add to the role. For more about permissions, see Permission Descriptions.
- Click Add.
- Click Save.
The following permissions can be applied to roles to provide access to various features within your account.
To see which permissions have been assigned to a particular role, select the role. A Role Details pane will provide additional information about the role, including a list of all its permissions.
Not All Features Apply
- The permissions visible to you reflect the features enabled for your account. Some of the permissions listed here may not be available for you to select.
- No user can change their own permissions.
|OneSpan Trust Vault (Compliance Vault) Permissions|
|No access||This permission denies access to the OneSpan Trust Vault (Compliance Vault).|
|View their own transactions||This permission enables a Sender to view any of their transactions that have been archived to the OneSpan Trust Vault (Compliance Vault).|
|View and delete their own transactions||This permission enables a Sender to view and delete any of their transactions that have been archived to the OneSpan Trust Vault (Compliance Vault).|
|View all transactions||This permission enables a Sender to view all transactions that have been archived to the OneSpan Trust Vault (Compliance Vault).|
|View and delete all transactions||This permission enables a Sender to view and delete all transactions that have been archived to the OneSpan Trust Vault (Compliance Vault).|
|Sender Admin Permissions|
|Custom Fields||sender_admin.custom_fields||This permission enables a Sender to create and manage Custom Fields.|
|User Management||sender_admin.users||This permission enables a Sender to manage the users associated with their account.|
|Subscription account billing details||sender_admin.subscription||
This permission enables a Sender to view the Subscription page, which contains billing details for their account.
|API Access||sender_admin.api_access||This permission enables a Sender to allow customers to communicate with OneSpan Sign from within their own system via REST API calls.|
|Event Notification||sender_admin.event_notification||This permission enables a Sender to view their account's Event Notifications interface. Integrators can use this interface to request an automatic notification of events that concern the account.|
This permission enables a Sender to specify how long transactions in various states will be retained on a OneSpan Sign server.
This permission enables a Sender to re-brand the Signer Experience in several powerful ways.
This permission enables a Sender to enable the e-Notary feature on a notary’s account. This feature enables the notary to e-sign and notarize documents in a “notarized transaction”.
This permission enables a Sender to specify a password policy for their account.
|Account Configuration||sender_admin.self_serve_account_settings||This permission enables a sender to access the Account Configuration page.|
|Reports||sender_admin.reports||This permission enables a Sender to view the Reports menu in the Navigation Bar, and thus access reports about their account.|
|Roles||sender_admin.role||This permission enables a Sender to manage the roles associated with their account.|
|Group Signing Management||groups.group_signing_management||This permission enables an Account Owner or Manager to manage Groups on their account (Sender UI Email Groups).|
|Template and Layout Permissions|
|Share Template||templates_layouts.share_templates||This permission enables a Sender to make their templates available to other users on their account.|
|Share Layout||templates_layouts.share_layouts||This permission enables a Sender to make their layouts available to other users on their account.|
|Transaction||transaction.transaction||This permission enables a signer to create, view and edit transactions.|
|In Person Signing||transaction.in_person||This permission enables a Sender to use the In-Person signing feature on a transaction.|
|Change Signer Option||transaction.change_signer||This permission enables a signer to delegate their signing responsibilities to another person.|
|Transaction visibility in delegation||transaction.delegation_visibility||
This permission enables a delegate to see all the transactions on the account they have been delegated to manage.
To temporarily disable a role that has been added to an account, check the box beside it, and then click Disable.
To re-enable a disabled role, check the box beside it, and then click Enable.
To permanently delete a role from an account, check the box beside it, and then click Delete.