User roles
Grant your team members access to your Sumsub account.
Roles help you restrict access to certain Dashboard functionality. You can create as many roles as you need. Each role has a set of permissions; each permission regulates the behavior of how your team members can use the Dashboard.
With Sumsub, you receive the following default roles:
- Admin. Has full access to all functionality and statistics. Can set up rules and customize verification processes.
- Compliance Officer. Can review applicant profiles, approve and decline applicants, and upload additional documents.
- Developer. Can set up rules and customize verification processes.
Create roles
To create a new role:
- In the Dashboard, go to the Roles page and click Add new role.
- Provide the role name and optional description.
- [Optional] From the Start from a copy of drop-down list, select an existing role from which you want to inherit permissions.
- Configure access limitations.
- Configure IP addresses or CIDR ranges (e.g., 192.168.1.100, 192.168.1.0/24) from which your team members can access the Dashboard.
- From the Source keys from client drop-down list, select a source key to distinguish among applicants coming from different partners.
- On the right, select permissions that you want to grant to the role. Make sure to thoroughly examine each permission and its description before selecting it.
- Save your changes.
Permissions
The following table explains permissions that help you manage access granted to your team members to a certain Dashboard functionality.
|
Permission |
Description |
|---|---|
|
Moderate Permissions to moderate applicant statuses, manage personal data and check results, blocklist applicants, and so on. |
|
|
Moderate Applicants |
Allows user to manage the statuses of all applicants. |
|
Use moderation buttons |
Allows user to use moderation buttons to streamline applicant rejection. The system automatically generates a rejection comment in the applicant’s language based on the selected reason. Without this permission, users must manually enter the rejection reason. |
|
Change applicant's personal data |
Allows user to modify an applicant’s personal information and upload new documents via the dashboard. |
|
Manage check results |
Allows user to change check results in the Summary section, such as cross-validation or face match results. |
|
Manage applicant notes |
Allows user to view and edit internal comments about the applicant. These notes are visible on the dashboard but never shown to the applicant. |
|
Create applicants |
Allows user to create applicants, including via permalinks. Without this permission, the user cannot create applicants and cannot see Unilinks or permalinks created by others. |
|
Reset applicants |
Allows user to reset an applicant. |
|
Change verification level |
Allows user to change an applicant's level. |
|
Manage applicant tags |
Allows user to assign and remove tags from an applicant. |
|
Blocklist applicants |
Allows user to add an applicant to the blocklist. If the same document is uploaded for another applicant, it will be rejected. |
|
Deactivate applicants |
Allows user to deactivate and reactivate applicants. |
|
View Permissions to view different types of information, such as the personal data of the applicant, check results, cost of checks, and so on. |
|
|
View list of applicants |
Allows user to view the list of all applicants, filter the list, and search applicants by keyword or ID. If this permission is not set, the user can only find applicants by exact Applicant ID or External ID. |
|
View applicant's personal data |
Allows user to view applicants’ personal data. |
|
View applicant’s images in personal data |
Allows user to view images in applicants’ personal data. |
|
View check results |
Allows user to view the results of different checks, such as watchlist screening and face comparison. |
|
View statistics and analytics |
Allows user to access the Statistics and Analytics tabs. |
|
View costs of checks |
Allows user to view the cost of checks, including payment method verification, identity verification, and others. |
|
Data export Permissions to manage applicant data export settings. |
|
|
Download bulk applicant report |
Allows user to download a CSV file with the list of applicants. Requires the View list of applicants and View applicant’s personal data permissions to access applicant data and generate bulk reports. |
|
Manage Permissions to manage user roles and Dashboard settings. |
|
|
Manage dashboard users |
Allows user to manage dashboard roles and permissions, including SSO groups, and reset passwords for dashboard users. |
|
Manage company settings |
Allows user to manage company settings, such as changing the primary email, configuring regulations, and setting up webhooks. |
|
Manage workflows |
Allows user to manage applicant workflows,including creating, editing, publishing, and unpublishing workflows. |
|
Customizable Lists Permissions to view and manage client lists. |
|
|
View customizable lists |
Allows user to view customizable lists. |
|
Manage customizable lists |
Allows user to create, delete, and modify customizable client lists and their values. |
|
TM Permissions to view and manage TM rules, settings, and transactions. |
|
|
Manage TM settings |
Allows user to manage TM settings, such as setting default currency and thresholds. |
|
View TM transactions |
Allows user to view TM transactions. |
|
Manage TM transactions - Decisions |
Allows user to make decisions on transactions make decisions on transactions, including approving, rejecting, and confirming. |
|
Manage TM transactions - Review |
Allows user to perform actions on transaction reviews, such as assigning/adding notes, and tags. |
|
Manage TM rules |
Allows user to manage TM rules, including installing, creating, editing and removing rules. |
|
View TM Rules |
Allows user to view rules in both installed rules and the rules library. |
|
View TM Network |
Allows user to view the network of customers transacting with each other. |
|
AML screening Permissions to view and manage AML screening. |
|
|
View AML screening |
Allows user to view AML screening. |
|
Manage AML screening |
Allows user to manage AML screening, such as assigning and reviewing cases. |
|
Case Management Permissions to see and manage cases. |
|
|
View case management |
Allows user to view case management, including lists of queues and cases. Also enables managing items covered by other permissions, such as Manage TM transactions. |
|
Manage case management settings |
Allows user to manage queue settings, create custom queues and make templates for FIU reports. |
Note
- Permissions cannot be directly assigned to team members. You need to create a role with a certain set of permissions, and then assign this role to a team member.
- If you do not see some of the listed permissions, it means you do not use the associated Sumsub products or solutions. Contact our sales team or reach out to your account manager to obtain a new product.
Manage roles
You can manage roles in any of the following ways:
- Edit roles. Lets you edit an existing role in case you want to change certain parameters. For example, you may want to change permissions that you have assigned previously or change the name of the role, and so on.
- Remove roles. Lets you permanently remove the role in case you no longer need it. Mind that you cannot remove the role if at least one team member is currently logged in under this role.
Updated 3 days ago