What is Vault?


Vault is a centralized hub for managing security and other administrative features in Lytics. It provides a single place for Lytics admins to access and change their key security features and user permissions, regardless of product. This means that the controls set in Vault apply to Conductor, Decision Engine, Cloud Connect, and any other products associated with your Lytics account.

Take a quick tour of Lytics Vault.

Navigating Vault

Vault is comprised of the following sections:

  • Account Usage - an overview of your general account quota usage related to event consumption.
  • Account Settings - view and change necessary administrative settings and details of your account. These are sectioned into the following categories.
    • Account Details
    • JavaScript Tag
    • Lytics API
    • Content
    • Security
    • Schema
  • Users - view a list of users accessing your Lytics account, change their details or permissions, remove a user, or invite a new user to the account.
  • Security
    • Access Tokens - view and manage a list of Lytics API access tokens. New tokens can be provisioned with specific permissions.
    • Authorizations - create, edit, view, and delete authorizations within Lytics. Authorizations are credentials to third parties that enable the necessary scopes and permissions for data import and export jobs to run.
  • Account Setup
    • JavaScript Tag - learn how to install the Lytics JavaScript tag and validate the installation.

Who can access Vault?

Vault is focused primarily on account admins or those that have permission to administer settings, user access, etc. Based upon these permissions, your experience in Vault may vary, and all sections outlined above may not be available.


If you are unable to access a section please reach out to your account administrator to request those adjusted permissions.

In general, Admins will be able to access all areas. Data Managers, Campaign Managers, Experience Managers, and Goal Managers can access the Authorizations section to manage the credentials for their jobs and experiences. Finally, all Lytics users, regardless of role, should have access to view the JavaScript tag installation page under Account Setup, and they should be able to view their user profile where they can change details such as their Name, Email Address, Phone Number (for two-factor authentication) and change their password. Your user profile will be accessible under the main Lytics navigation under "Manage My Profile."

Notable Changes

For existing customers, slight changes will impact your day-to-day management activities.

Product Switcher

Vault will be available directly from the primary product switcher at the top left of your Lytics interface. This will be your primary access point for account management from now on.

Account Usage

Our account usage data and quota meters received a much-needed facelift. The usage metrics act as the Vault "dashboard" for admin users.

Account Usage Chart

Account Settings

Account setting sections are now accessible through the main navigation. These settings have received a minor facelift update. The form controls for multi-text fields have been slightly updated for a more standard user experience. In addition, users are now prompted to save or discard their changes when navigating away from these pages with unsaved settings.


The user list is now sortable and filterable based on name, email, who invited them, and how long they've been a Lytics user. Each user has a page to view their details and roles. In Vault, in addition to assigning new roles, an administrator can edit any user's name and email address.

The user invite form is now on its page to improve the flow and experience of inviting users. Roles are now sorted into two categories - Admin or Custom Roles. An admin inherently has access to everything, while custom roles give a finer-grain definition of what the user can access. The details on each role are shown in a tooltip when you hover over the role name.

Access Tokens

The access tokens list is now sortable and filterable based on the name, description, the creator of the token, or when/if it has expired. You can now view additional details about the access tokens you've already created, such as the roles assigned, when it was made, and when it will expire. In addition, new access tokens can now be assigned as an admin or with any combination of more granular access roles.


Authorizations are now to be created and updated only in Vault. You will still be able to utilize the auths you create in Vault in other products, but for example, when creating a job in Conductor or Decision Engine, if you don't see an authorization you want to use for that job, you will be linked into the authorizations wizard within Vault to create the auth.

JavaScript Tag Installation

This page remains unchanged, with simple styling changes and updated links to our documentation for troubleshooting.