User Management
Control user access and permissions across your dealership.
Overview
Section titled “Overview”User Management allows you to:
- Add and remove users
- Assign roles and permissions
- Track user activity
- Manage user profiles
- Control feature access
User Roles
Section titled “User Roles”Pre-defined Roles
Section titled “Pre-defined Roles”- Admin: Full system access
- Manager: Team and reporting access
- Sales Rep: Sales tools access
- Service Advisor: Service module access
- BDC Agent: Communication tools
Custom Roles
Section titled “Custom Roles”- Create custom roles
- Define permissions
- Assign to users
- Role templates
- Inheritance rules
Permissions
Section titled “Permissions”Module Access
Section titled “Module Access”- Contacts
- Conversations
- Pipelines
- Automations
- Reports
Action Permissions
Section titled “Action Permissions”- View
- Create
- Edit
- Delete
- Export
Adding New Users
Section titled “Adding New Users”Step 1: User Creation
Section titled “Step 1: User Creation”- Navigate to Admin → Users → Add User
- Fill in user details:
- First Name and Last Name
- Email Address (must be unique)
- Phone Number (optional)
- Employee ID (optional)
- Select Initial Role from dropdown
- Set Start Date and End Date (if applicable)
- Choose Notification Preferences
- Click Create User
Step 2: Account Setup
Section titled “Step 2: Account Setup”// User creation payload example{ "user": { "first_name": "John", "last_name": "Doe", "email": "john.doe@dealership.com", "phone": "+1234567890", "employee_id": "EMP001", "role_id": "sales_rep", "team_id": "team_sales_primary", "start_date": "2024-01-15", "permissions": { "contacts": ["view", "create", "edit"], "conversations": ["view", "create"], "reports": ["view"] }, "settings": { "timezone": "America/New_York", "language": "en", "notifications": { "email": true, "sms": false, "push": true } } }}Step 3: Welcome Process
Section titled “Step 3: Welcome Process”- System sends welcome email with:
- Temporary password
- Login instructions
- Getting started guide
- User first login requires:
- Password change
- Profile completion
- Terms acceptance
- Onboarding checklist includes:
- Platform tour
- Role-specific training
- Tool assignments
Detailed Role Definitions
Section titled “Detailed Role Definitions”Administrator Role
Section titled “Administrator Role”Full system access and management capabilities
{ "role": "administrator", "permissions": { "users": ["create", "read", "update", "delete", "manage_permissions"], "teams": ["create", "read", "update", "delete"], "dealership": ["read", "update", "configure"], "billing": ["read", "update", "manage"], "integrations": ["create", "read", "update", "delete"], "reports": ["read", "create", "export", "schedule"], "system": ["backup", "restore", "audit", "configure"] }, "restrictions": { "ip_whitelist": [], "time_restrictions": false, "mfa_required": true }}Key Capabilities:
- Complete user and team management
- System configuration and settings
- Billing and subscription management
- Integration setup and maintenance
- Advanced reporting and analytics
- Security and compliance oversight
Manager Role
Section titled “Manager Role”Team leadership and oversight capabilities
{ "role": "manager", "permissions": { "users": ["read", "update_team_members"], "teams": ["read", "update_own_team"], "contacts": ["create", "read", "update", "delete", "export"], "conversations": ["read", "assign", "monitor"], "pipelines": ["read", "update", "configure_team"], "reports": ["read", "create", "export"], "automations": ["read", "create", "update"] }, "scope": { "team_based": true, "cross_team_view": false, "direct_reports_only": true }}Key Capabilities:
- Manage direct reports and team members
- Oversee team performance and activities
- Configure team-specific workflows
- Access comprehensive team reporting
- Assign and reassign leads/contacts
- Monitor conversation quality
Sales Representative
Section titled “Sales Representative”Core sales tools and customer interaction
{ "role": "sales_representative", "permissions": { "contacts": ["create", "read", "update", "call", "message"], "conversations": ["create", "read", "update", "respond"], "pipelines": ["read", "update_own_contacts"], "tasks": ["create", "read", "update", "complete"], "documents": ["read", "create", "send"], "reports": ["read_own_activity"] }, "limitations": { "contact_assignment": "own_and_assigned", "historical_data": "90_days", "export_limits": "100_records_per_day" }}Key Capabilities:
- Manage assigned contacts and leads
- Handle customer communications
- Track sales pipeline progress
- Complete sales-related tasks
- Generate customer documents
- View personal performance metrics
BDC Agent (Business Development Center)
Section titled “BDC Agent (Business Development Center)”Lead generation and initial customer contact
{ "role": "bdc_agent", "permissions": { "contacts": ["create", "read", "update", "qualify"], "conversations": ["create", "read", "update", "respond"], "leads": ["read", "update", "assign", "qualify"], "scripts": ["read", "use"], "appointments": ["create", "read", "update"], "reports": ["read_lead_activity"] }, "specializations": { "lead_qualification": true, "appointment_setting": true, "follow_up_campaigns": true, "script_based_interactions": true }}Key Capabilities:
- Qualify incoming leads
- Schedule appointments
- Execute follow-up campaigns
- Use scripted interactions
- Convert leads to opportunities
- Track lead-to-appointment metrics
Service Advisor
Section titled “Service Advisor”Service department operations and customer support
{ "role": "service_advisor", "permissions": { "contacts": ["read", "update", "service_history"], "conversations": ["create", "read", "update", "respond"], "service_orders": ["create", "read", "update"], "appointments": ["create", "read", "update", "manage_calendar"], "estimates": ["create", "read", "update", "send"], "inventory": ["read", "reserve_parts"] }, "module_access": { "service_module": true, "parts_inventory": true, "calendar_management": true, "customer_portal": true }}Key Capabilities:
- Manage service appointments
- Create and update service orders
- Generate and send estimates
- Track service history
- Communicate with service customers
- Coordinate with technicians
Custom Role Creation
Section titled “Custom Role Creation”Role Builder Interface
Section titled “Role Builder Interface”-
Basic Information:
- Role name and description
- Department assignment
- Role level (entry, mid, senior)
-
Permission Matrix:
Feature | View | Create | Edit | Delete | Advanced----------------|------|--------|------|--------|----------Contacts | ✓ | ✓ | ✓ | ✗ | ✗Conversations | ✓ | ✓ | ✓ | ✗ | ✗Pipelines | ✓ | ✗ | ✓ | ✗ | ✗Reports | ✓ | ✗ | ✗ | ✗ | ✗Automations | ✗ | ✗ | ✗ | ✗ | ✗ -
Access Restrictions:
- Data Scope: Own data, team data, all data
- Time Restrictions: Business hours only, 24/7
- IP Restrictions: Specific IP addresses or ranges
- Device Restrictions: Mobile only, desktop only, any
-
Feature Limitations:
- Export Limits: Number of records per day/week
- Bulk Operations: Max contacts per bulk action
- API Access: Rate limits and endpoint restrictions
Role Templates
Section titled “Role Templates”Sales Team Template
Section titled “Sales Team Template”{ "template_name": "Sales Team Standard", "description": "Standard permissions for sales team members", "permissions": { "contacts": ["create", "read", "update", "call", "text"], "conversations": ["create", "read", "respond"], "pipelines": ["read", "update_own"], "tasks": ["create", "read", "update"], "documents": ["read", "send"], "reports": ["read_own"] }, "customizable_fields": [ "export_limits", "data_retention", "mobile_access" ]}Management Template
Section titled “Management Template”{ "template_name": "Team Management", "description": "Enhanced permissions for team leaders", "permissions": { "users": ["read", "update_team"], "contacts": ["create", "read", "update", "delete", "reassign"], "conversations": ["read", "assign", "monitor"], "reports": ["read", "create", "export"], "automations": ["read", "create", "update"] }, "team_scope": true, "reporting_access": "enhanced"}User Lifecycle Management
Section titled “User Lifecycle Management”User States
Section titled “User States”- Active: Full system access
- Inactive: No login access, data retained
- Suspended: Temporary restriction
- Deactivated: Permanent removal, data archived
Onboarding Process
Section titled “Onboarding Process”// Onboarding workflow configuration{ "onboarding": { "welcome_email": { "enabled": true, "template": "new_user_welcome", "delay": 0 }, "required_steps": [ { "step": "password_setup", "required": true, "deadline": "24_hours" }, { "step": "profile_completion", "required": true, "deadline": "48_hours" }, { "step": "training_completion", "required": false, "deadline": "1_week" } ], "guided_tour": { "enabled": true, "role_specific": true, "skippable": false } }}Offboarding Process
Section titled “Offboarding Process”-
Pre-Offboarding:
- Backup user data
- Transfer active conversations
- Reassign contacts and tasks
- Document handover notes
-
Account Deactivation:
- Disable login access
- Revoke API keys
- Remove from team communications
- Archive user data
-
Data Retention:
- 90-day retention period
- Legal hold options
- Export capabilities
- Permanent deletion
Bulk User Operations
Section titled “Bulk User Operations”Bulk Import
Section titled “Bulk Import”first_name,last_name,email,role,team,start_dateJohn,Doe,john@dealership.com,sales_rep,sales_team_1,2024-01-15Jane,Smith,jane@dealership.com,bdc_agent,bdc_team,2024-01-15Mike,Johnson,mike@dealership.com,service_advisor,service_team,2024-01-15Import Process:
- Upload CSV file
- Map columns to fields
- Validate data integrity
- Preview import results
- Execute import with rollback option
Bulk Updates
Section titled “Bulk Updates”// Bulk role assignment{ "bulk_operation": { "type": "role_assignment", "user_ids": ["user_1", "user_2", "user_3"], "changes": { "role_id": "sales_rep_senior", "effective_date": "2024-02-01" }, "notification": { "notify_users": true, "notify_managers": true } }}Advanced User Management
Section titled “Advanced User Management”Single Sign-On (SSO) Integration
Section titled “Single Sign-On (SSO) Integration”SAML Configuration
Section titled “SAML Configuration”<saml:EntityDescriptor xmlns:saml="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://automotiveai.com/saml/metadata">
<saml:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://automotiveai.com/saml/consume" index="1"/>
</saml:SPSSODescriptor></saml:EntityDescriptor>Active Directory Integration
Section titled “Active Directory Integration”{ "ad_config": { "server": "ldap://your-domain-controller.com", "port": 389, "base_dn": "DC=yourdomain,DC=com", "user_search_base": "OU=Users,DC=yourdomain,DC=com", "group_search_base": "OU=Groups,DC=yourdomain,DC=com", "attribute_mapping": { "email": "mail", "first_name": "givenName", "last_name": "sn", "employee_id": "employeeID" }, "role_mapping": { "CN=AAI_Admins,OU=Groups,DC=yourdomain,DC=com": "administrator", "CN=AAI_Sales,OU=Groups,DC=yourdomain,DC=com": "sales_rep", "CN=AAI_Managers,OU=Groups,DC=yourdomain,DC=com": "manager" } }}Multi-Factor Authentication (MFA)
Section titled “Multi-Factor Authentication (MFA)”MFA Configuration
Section titled “MFA Configuration”{ "mfa_settings": { "required_for_roles": ["administrator", "manager"], "methods": { "totp": { "enabled": true, "app_name": "Automotive AI", "issuer": "automotiveai.com" }, "sms": { "enabled": true, "provider": "twilio" }, "email": { "enabled": true, "code_expiry": 300 } }, "backup_codes": { "enabled": true, "count": 10, "single_use": true } }}Session Management
Section titled “Session Management”Session Configuration
Section titled “Session Configuration”{ "session_config": { "timeout": { "idle_timeout": 3600, "absolute_timeout": 28800, "warning_threshold": 300 }, "concurrent_sessions": { "max_sessions_per_user": 3, "force_logout_oldest": true }, "security": { "secure_cookies": true, "httponly_cookies": true, "same_site": "strict", "ip_validation": true } }}User Activity Monitoring
Section titled “User Activity Monitoring”Activity Logging
Section titled “Activity Logging”{ "user_activity": { "user_id": "user_123", "timestamp": "2024-01-16T10:30:00Z", "action": "contact_updated", "resource_id": "contact_456", "details": { "changes": { "phone": "+1234567890", "status": "qualified" }, "ip_address": "192.168.1.100", "user_agent": "Mozilla/5.0...", "session_id": "session_789" } }}Performance Metrics
Section titled “Performance Metrics”{ "user_metrics": { "user_id": "user_123", "period": "2024-01", "stats": { "login_frequency": 22, "total_session_time": 176400, "contacts_created": 15, "conversations_handled": 87, "tasks_completed": 32, "pipeline_updates": 28 }, "efficiency_score": 85, "goals_met": { "contacts_goal": true, "response_time_goal": false, "conversion_goal": true } }}Audit Trail
Section titled “Audit Trail”{ "audit_log": { "event_id": "audit_789", "timestamp": "2024-01-16T10:30:00Z", "user_id": "admin_001", "action": "user_role_changed", "target": { "type": "user", "id": "user_123", "previous_values": { "role": "sales_rep" }, "new_values": { "role": "sales_manager" } }, "metadata": { "reason": "Promotion", "approved_by": "manager_456", "effective_date": "2024-02-01" } }}Troubleshooting User Issues
Section titled “Troubleshooting User Issues”Common Issues and Solutions
Section titled “Common Issues and Solutions”| Issue | Symptoms | Solution |
|---|---|---|
| Login Failure | Cannot access system | Check account status, reset password, verify MFA |
| Permission Denied | Cannot access features | Review role permissions, check team assignments |
| Slow Performance | System responds slowly | Check user activity, clear cache, optimize workflows |
| Mobile Issues | App not working | Update app, check permissions, verify network |
| Missing Data | Cannot see contacts/conversations | Verify data scope, check team assignments |
User Support Workflow
Section titled “User Support Workflow”-
Issue Identification:
- User reports problem
- Admin reviews error logs
- Check system status
-
Troubleshooting Steps:
- Verify user permissions
- Check recent system changes
- Test with admin account
- Review audit logs
-
Resolution Actions:
- Apply permission fixes
- Reset user settings
- Clear cache/sessions
- Escalate to technical support
Best Practices
Section titled “Best Practices”- Follow least privilege principle
- Regular access reviews
- Document role definitions
- Use role templates
- Monitor user activity