Managing Users
Managing Your User Profile
To access your profile, click "Manage My User" from the account menu at the bottom of the primary navigation.
You'll have access to personal information and usage statistics from the resulting profile page. It doubles as an ID card and a stats card.
You can edit your name and email address. Both fields are required. A phone number is only required for 2FA.
Click the "Change Password" button to change your password.
Resetting Passwords
The password must be reset by the user whose password is being reset. Passwords cannot be reset on behalf of others.
To reset your password, go to Manage My Profile in the account menu and click the Change Password button.
A modal will open, prompting for a new password can be entered.
Changing a password will immediately invalidate all current sessions across all machines for the user.
Managing Account Users
Click "Manage Users" in the account menu to manage account users.
Modifying User Permissions
User roles define the amount of access and permissions a Lytics user has when logged in and through the Lytics APIs.
A user may have any number of these roles, and the permissions for multiple roles are additive. For example, a user with the Campaign Manager and Content Manager roles will have access to all permissions granted by both roles.
Users with the Admin role can control other users' roles within your organization via the "Manage Users" option from the account dropdown menu.
Predefined Roles and Granular Permissions
When you assign roles to a user, the Manage Users interface presents two tabs:
- Predefined Roles are the original set of broad, job-function roles, for example Admin, Audience Manager, or Data Manager. Each role bundles permissions across several feature areas. The matrices further down this page describe what each predefined role grants.
- Granular Permissions is a catalog of narrower roles, each one paired as a view (read-only) and manage (read and write) for a single feature area. Granular permissions are designed for least-privilege assignments where a user should have access only to the features they actually use.
Roles from both tabs can be assigned to the same user. Permissions remain additive across all assigned roles regardless of which tab they come from. For the full granular catalog, common assembly patterns, and notes on custom roles, see Predefined Roles and Granular Permissions.
The matrices below describe predefined rolesThe "What does a user of each role have access to?" and "What tasks can a user of each role perform?" sections cover the predefined roles only. Granular permissions are documented on their dedicated page so the matrices stay focused.
Managing Personally Identifiable Information
You can indicate any user fields in your account that contain Personally Identifiable Information (PII) via the private fields account setting. These fields will be hidden for anyone who does not have Admin, Data Manager, or User Search roles. You should verify with Lytics Support that the field hiding in the segment scan is also enabled for your account to ensure these fields are hidden there.
Predefined Role Reference
Each predefined role has a stable slug used in API calls and SSO group assertions, a display name shown in the Manage Users interface, and a purpose. The matrices further down this page show exactly which features each role can access.
| Slug | Display Name | Purpose |
|---|---|---|
admin | Admin | Grants read/write access to all features and management functions, including inviting users and assigning roles. |
segment_manager | Audience Manager | Grants read/write access to audiences. |
campaign_manager | Campaign Manager | Grants read/write access to campaigns and audiences without PII, including exporting audiences without PII and publishing campaigns. |
content_manager | Content Manager | Grants read/write access to content classification, collections, and topics. |
data_manager | Data Manager | Grants read/write access to schemas, queries, users, content, and integrations. Includes PII user fields access. |
report_viewer | Discovery Insights | Grants access to explore Discovery insights. |
experience_manager | Experience Manager | Grants read/write access to Experiences. |
flow_read_write | Flow Read/Write | Grants read/write access to Flows. |
orchestrate | Goal Manager | Grants read/write access to Goals and Experiences features. |
marketer | Marketer | Grants read/write access to audiences and campaigns, but cannot publish campaigns or export audiences. |
observer | Observer | Grants read access to audiences and campaigns. |
report_manager | Report Manager | Can view, create, and delete audience insight reports. |
user_search | User Search | Grants ability to search for users and view their profiles. Required, alongside the private fields setting, to view PII fields. |
What does a user of each role have access to?
A user's role determines which parts of the Lytics app they can access. Here is a breakdown of what is shown in the navigation for each role.
| Admin | Audience Manager | Campaign Manager | Content Manager | Data Manager | Discovery Insights | Experience Manager | Goal Manager | Marketer | Observer | User Search | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Dashboard | |||||||||||
| Dashboard | x | x | x | x | x | x | x | x | x | x | x |
| Goals | |||||||||||
| Goals | x | x | |||||||||
| Experiences | |||||||||||
| Experiences | x | x | x | ||||||||
| Audiences | |||||||||||
| Audiences | x | x | x | x | x | x | x | x | |||
| Discovery | x | x | |||||||||
| User Search | x | x | x | ||||||||
| User Profiles | x | x | x | ||||||||
| GDPR Profile Delete | x | x | |||||||||
| Content | |||||||||||
| Overview | x | x | x | x | |||||||
| Topics | x | x | x | x | |||||||
| Collections | x | x | x | x | |||||||
| Data | |||||||||||
| Jobs / Auths | x | x | x | x | x | ||||||
| Data Streams | x | x | |||||||||
| User Fields | x | x | |||||||||
| Queries | x | x | |||||||||
| Schema Audit | x | x | |||||||||
| Personalize | x | x | x | x | |||||||
| Look-a-like Models | x |
For access to look-a-like models you will need to be an account
adminor have a combination ofDiscovery Insight+ a role that gives access toJobs/Auths.
What tasks can a user of each role perform?
Roles define a set of permissions the user has, which also dictates what actions they can take in the app and through the APIs. Here is a breakdown of the permissions for each role by feature.
Personally Identifiable Information (PII)
To shield PII from users who should not have access, you will need to use the private fields account setting to mark the profile fields you want to hide from anyone who does not have Admin, Data Manager, or User Search roles.
| Admin | Audience Manager | Campaign Manager | Content Manager | Data Manager | Discovery Insights | Experience Manager | Goal Manager | Marketer | Observer | User Search | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| View | x | x | x |
Audiences (without PII)
| Admin | Audience Manager | Campaign Manager | Content Manager | Data Manager | Discovery Insights | Experience Manager | Goal Manager | Marketer | Observer | User Search | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| View | x | x | x | x | x | x | x | ||||
| Create | x | x | x | x | x | x | |||||
| Edit | x | x | x | x | x | x | |||||
| Duplicate | x | x | x | x | x | x | |||||
| Delete | x | x | x | x | x |
Content Topics
| Admin | Audience Manager | Campaign Manager | Content Manager | Data Manager | Discovery Insights | Experience Manager | Goal Manager | Marketer | Observer | User Search | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Blocklist | x | x |
Content Collections
| Admin | Audience Manager | Campaign Manager | Content Manager | Data Manager | Discovery Insights | Experience Manager | Goal Manager | Marketer | Observer | User Search | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| View | x | x | x | x | |||||||
| Create | x | x | x | ||||||||
| Edit | x | x | x | ||||||||
| Duplicate | x | x | x | ||||||||
| Delete | x | x |
Authorizations (for imports & exports)
| Admin | Audience Manager | Campaign Manager | Content Manager | Data Manager | Discovery Insights | Experience Manager | Goal Manager | Marketer | Observer | User Search | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| View | x | x | x | x | x | ||||||
| Create | x | x | x | x | x | ||||||
| Edit | x | x | x | x | x | ||||||
| Delete | x | x | x | x | x |
Jobs (imports & exports)
The former "Integrations" tab is now comprised of the "Jobs" and "Authorizations" sections, which allow you to manage your import and exports.
| Admin | Audience Manager | Campaign Manager | Content Manager | Data Manager | Discovery Insights | Experience Manager | Goal Manager | Marketer | Observer | User Search | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| View | x | x | x | x | x | ||||||
| Create | x | x | x | x | x | ||||||
| Pause | x | x | x | x | x | ||||||
| Update | x | x | x | x | x | ||||||
| Delete | x | x | x | x | x |
Accounts & Users
| Admin | Audience Manager | Campaign Manager | Content Manager | Data Manager | Discovery Insights | Experience Manager | Goal Manager | Marketer | Observer | User Search | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Invite User | x | ||||||||||
| Manage User Roles | x | ||||||||||
| Create Account | x | ||||||||||
| Edit Account | x | ||||||||||
| View Account Usage | x |
Personalize Campaigns
| Admin | Audience Manager | Campaign Manager | Content Manager | Data Manager | Discovery Insights | Experience Manager | Goal Manager | Marketer | Observer | User Search | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| View | x | x | x | x | |||||||
| Create | x | x | x | ||||||||
| Edit | x | x | x | ||||||||
| Duplicate | x | x | x | ||||||||
| Delete | x | x |
Additional API-Only Features
All roles have API read access to topic rollups, segment collections, and SegmentML. Marked below are the roles with full CRUD access to these features.
| Admin | Audience Manager | Campaign Manager | Content Manager | Data Manager | Discovery Insights | Experience Manager | Goal Manager | Marketer | Observer | User Search | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Content Topic Rollups | x | x | x | x | |||||||
| Content Classification | x | x | x | x | |||||||
| Queries API | x | x | |||||||||
| Segment Collections | x | x | x | x | x | x | x | x | |||
| Lookalike Models | x | x | |||||||||
| Subscription | x | x | x |
Inviting Users
Click the Create New button from the user list to invite a new user to the account.
Inviting a new user will prompt for an email address and roles to select the appropriate level of access the user will have within your Lytics account. Upon completing this form, the new user will get an email with a link that will take them to the Lytics account login screen.
Removing Users
From the user list, select the user you wish to delete. You can remove this user from Lytics by clicking the Delete User button from their profile page.
Updated 17 days ago