User Roles

A user is anyone who can log in and access your instance of Impexium. This can include both association staff and non-staff (members, non-members, etc.). Not all users have a user role.

A role gives a user the ability to see additional system options and settings. You can also hide areas of the system from certain role types. All association staff require a role of some type for the ability to work in the system.

There are several standard roles in Impexium.

Note: Custom roles can and should be created based on your association's needs.

  • No Role: Users with no role can only take actions normally required of ordinary customers and members. This can include things like accessing their My Profile page, purchasing products, viewing directories, etc. For the majority of associations, all non-staff users should NOT have a role.

  • Staff: These users work for your association. The Staff role should be assigned to all staff, in addition to any other role(s) they might be assigned. Certain permissions (such as page content visibility settings and "staff"-centric configurations options) are connected with the staff role. By default, the Staff role will not enable access to other areas of the system unless edited by an administrator to suit your association's requirements.

  • Administrators: These users have administrator access and can view and make changes to most areas of the system. Best practice is to give admin access to just a few users responsible for making changes to the configuration of your instance of Impexium, who have a good understanding of the effects of those changes, and who are willing to test any configuration changes in the Sandbox environment prior to implementing them in Live. Editing this role is NOT recommended.

  • Chapter Administrator/Staff: These roles are used ONLY by clients using enhanced chapter functionality who wish for their chapter members to log in and access deeper areas of Impexium. Please contact support@impexium.com with questions if you are unsure whether your association is using this configuration.

    Example:
    An association has chapters across the united states, and they want to allow a designated user from each chapter to carry out high-level actions on behalf of their chapter, including setting up a local event for chapter members. They assign the Chapter Administrator role to these users, ensuring that they have access to all permissions that the association has determined are permissible for chapter users in the system. While users with a Chapter Administrator role can be configured to take high-level actions like setting up a product, an association can also configure lower-level access to the Chapter Staff role, possibly allowing such users to only do things like run a query on chapter activity or purchase a chapter product.

Caution: While the existence of these roles is standard, it is possible for an administrator on your team to edit them. Consult with your team Impexium administrators to determine whether these roles are no longer of the standard configuration, and if so, the permission levels that these roles now enable.

Determining Necessary User Roles

In determining which roles are needed, work with your team members and discuss which areas of the system should be accessible by all staff, and which areas should be accessible only to certain individuals or groups.

  1. Assign Administrator(s): Identify the few users responsible for system settings and configurations, and ensure that those users have the Administrator role.

  2. Determine Needed Access Levels: Aside from admins, what other levels of access does your staff need? Work with your team to establish the necessary access levels.

    • Which areas should be accessible to all staff?

    • Should certain areas be accessible to only one part of your team? For example, should ONLY your accounting team have access to the Accounting App?

    • Your team may wish to use a spreadsheet to "sketch" out the types of roles your association needs. In the example below, an association has begun to define three roles for their system.

    Example Worksheet Showing Roles & Permissions
    Role Name "General Staff" "Accounting Team" "Executive"
    Purpose Essential settings all staff should have. Combine with other roles as necessary. Additional settings required by accounting team members. These staff should also have the "General Staff" role. Permits access to designated reports and queries only.
    Features Enabled Customers App: Individuals, Organizations, Reports, and Queries. Disable all other features under Customers App. Accounting App: Enable all features except Setup. Queries App > Query Center: Run-only access on select queries.
      Committees App: Committees, Reports, and Queries    

    Tip: Remember, users can be assigned multiple roles. That means that it isn't necessary to assign all permissions to every role type, since these permissions stack when users are assigned multiple roles.
    In the example above, it isn't necessary to configure the "Accounting Team" role to have access to features enabled by the "General Staff" role. Simply make it a rule of thumb that any staff users assigned the "Accounting Team" role must also be assigned the "General Staff" role.

  3. Create and Test a Role: Begin configuring one of the roles you've determined your association needs in Impexium and create an example user to assign the role to and login as to ensure the configuration works as desired.