If Advanced Access Control (AAC) is enabled for your group in Zurvey.io, you can manage user rights more easily compared to the simple permission levels Basic user management offers. It also provides an extra opportunity to keep your data safe and secure. With the help of dataset level permissions and Access Groups enabled in AAC, the owner of a dataset can grant – or deny – access for specific users, or groups of users with just a few clicks.
Main user roles and user rights are the same as by Basic user management, but when AAC is enabled, there are different permissions on the level of datasets as well - these can be provided by the owner of the dataset in question. To do this, click on the ‘...’ at the end of a dataset element, and choose ‘Provide access’.
- With viewer rights, users cannot modify any questions or settings in a survey. They have access to the dashboard, but aren’t able to save filters or export the data.
- Export rights grant access to generic exports, including Excel, PDF, SPSS, and the Semantic Excel Output.
- With editor rights, users can modify anything in a given dataset.
- In surveys, questions and settings can be overruled.
- On dashboards, saved filters can be modified, labels can be excluded on dataset level, and Custom Labels can be assigned to an analysis.
- In case of an integrated data stream (Email integration, APIs), dimensions can be modified and Custom Labels can be assigned.
By setting a user’s permission level to none, the dataset is visible on the home screen, but no other action can be taken.
Dataset level permissions don’t have to be granted individually: Admins can group users into Access Groups based on any logic they prefer. Grouping users according to their departments/teams, or based on projects they’re working on are common examples.
All users in a given Access Group have the same permissions. However, when you add a user to multiple Access Groups, Zurvey.io will apply the highest permission level to them out of the ones granted. User-level access also overwrites Access Group permissions.
Users can request access to any dataset with one click, either from the home page, or from the dashboard, where a toaster will prompt them to send a request if they attempt to perform an action they don’t have permission for.
After submitting the request, Zurvey.io will send an email notification to the dataset owner. Pending requests are listed in the Provide Access popup of datasets.
There is one more access option built into AAC: sharing dashboards through URL is also possible. The owner of a dataset can activate this feature at the bottom of the Provide Access popup. Thus, anyone with the link will be able to see a view-only version of any dataset's dashboard. In this version, filters can be applied, but no export or filter saving actions are available.
You can further control whom you share your dashboard with by adding a whitelist of the IP addresses where the dashboard should be available from via the link. This can be done in the ‘Advanced Access Control’ popup.
Even if someone outside your network is sent the link, they won’t be able to access the dashboard: if the dashboard link is opened from an IP address that’s not on the whitelist, the system displays an error message. This makes sharing the dashboard super secure and compatible with internal privacy regulations, too.
Read more about this feature on our blog: