Role-based permissions are configured within the Incentive Management Portal. First, roles need to be created; once a role is created the access users with that role have to the application can be specified using permissions.
Role-based permissions can be configured for the following workspaces/functionalities:
- Account
- Account Classifier Hierarchy
- Geography
- Granular Quota (no Delete option)
- Territory
- Territory Account
- Territory Geography
- Territory Position
- Territory Product
- Territory Quota (no Delete option)
- Territory Rule
- Version and Scenario
- Date Format - Availability of date options: Specific, Relative and Calendar-based dates in Advanced Date Control.
- External Application - Controls access to AI and Mapping features
You can also define feature-based access permissions for Organization data including Position, Participant, and Title. It is recommended that you set the same permissions in both Incentive Management and Territory and Quota.
Additionally, the following access restrictions are supported to enhance security:
- You can restrict access to administrative items by Role.
- You can restrict all users from editing Positions, Participants, Titles, and Accounts.
- You can restrict visibility to the Revenue of an Account that is not part of the user’s territory.
- You can restrict user operations to a particular Business Unit. The regional admins can have View-Only access to other Business Units. For example, if an administrator only belongs to the US Business Unit, they will only be able to see US accounts, products, and so on. If an administrator is a global user, they can see data for all Business Units.
- Only relevant actions based on Roles and Permissions are displayed in Territory Program, Territory Positions, Territory Account, Territory Geography, Territory Rule, Account Classifier Hierarchy, and Manage Quota workspaces.