A role determines the level of privileges your users have within your account. To edit the properties of a role in your iOn account, follow these steps:

Note: iOn comes prepackaged with two basic roles — Admin and User. For details on which screens they can view and modify, go to Viewing Your Roles.

 

Unless you have special privileges, you will find that you can only edit roles you yourself have created.

  1. On the sidebar menu on the left, click .
     
  2. Click Roles on the flyout menu that appears.
     
    The Admin - Roles screen will appear.
      
  3. If the role you need to modify is in a subgroup of the one you have selected in the Group Chooser, make sure that View Subgroups is selected at the top of the screen.
    Note: Step 3 shouldn't be necessary, as roles are primarily created to be used throughout iOn and are best assigned to your top-level group (and set to be inheritable).
  4. In the row of the role, click at the far right. (To find the role, you can sort or filter the Name column, if needed, as shown in Sorting and Filtering Column Data.)
     
    A menu will appear.
     
    Caution: As mentioned earlier, you might not be able to edit the default roles (Admin and User). If that's the case, instead of Edit Role, the first option on this menu will be View Role. This enables you to at least view what privileges the role has. (Also, the Delete Role option will be grayed out, as you won't be able to remove it.)
     
  5. Click Edit Role.
     
    The Edit Role dialog box will appear.
      
  6. To change the name of the role, select the text in the Name field and type the new one, such as Driver Supervisor or Basic User.
     
  7. If you would like to place the role in a different group, click the Group drop-down arrow and select the new group from the list.
    Note: As roles are primarily created to be used throughout iOn, they are best assigned to your top-level group (and set to be inheritable, as shown in step 10).
  8. To edit the description of the role, select the current value in the Description field and type the new text, including what the role is designed for (such as a driver supervisor) and which screens it will be able to view and modify.
     
  9. Normally, you will leave the Role Status field set to Enabled.
    Note: If you don't want the role to be used for a temporary period of time, you can click this drop-down arrow and select Disabled or Suspended. This will make the role unable to be assigned to a user. (For Disabled, the role will no longer appear as an option in the Edit User dialog box. For Suspended, it will be listed but grayed out.)

    If any users currently have the role, you won't be able to disable or suspend it. (You'll receive an error when you try to save.)
     
    If you do disable a role and later reenable it, you'll need to log out and back in to iOn in order for the change to take effect. (This isn't necessary for Suspended.)
  10. You should generally leave Inheritable selected so that the role can be seen by subgroups of the group it is assigned to (so the subgroups, or child groups, inherit the role from the parent group).
    Note: The Inheritable attribute is not really employed as a role feature and is somewhat a leftover from similar screens.
    In the Features section, you will find a list of all the iOn screens. If a page is set to Deny, the role cannot view it. If a page is set to Allow, the role does have access to it.
     
  11. Scroll through the list of screens and make any Allow/Deny changes you need by clicking the selectors. ( means selected [Allow], and  deselected [Deny].)
    Note: You won't be able to give access to screens you yourself don't have rights for. For example, if your role is the prepackaged Admin, you won't be able to allow the new role to delete groups, as your role doesn't have that privilege.
  12. If a screen has  to the left of its name, such as Reports in the Analytics & Reports section, follow these steps:
     
    1. Click to expand the area and see the screen's subitems ( changes to ).
      Note: For Reports, you'll need to expand its two subcategories, Common and Special, as well. You can now deny or allow a role access to the reports individually, report by report.
       
    2. If the subitems have child privileges of their own, you can expand them as well.
       
    3. Slide the toggles to Allow for all the subitems you want to give the role access to and to Deny for ones it shouldn't be able to view or change.
       
    4. You can slide the toggle to Deny or Allow for an entire category (such as Asset Activity under Common) to apply that level of access to all the items under it.
       
  13. Click Done.
     
    Your edits will appear in the Admin - Roles grid, and a success message will be displayed at the bottom of the screen.
      
  14. Click OK to dismiss it. (Or you can wait a few seconds, and it will automatically close.)

PRO TIP

If you've received queries from your users, asking if there's a way to disable the session timeout, you'll be happy to learn that you can add that as a role feature, as follows:

  1. In the Edit Role dialog box, scroll down to the bottom of the Admin section.
     
  2. Select Admin Command Center.
      
    After you save the new role, users you assign to it will not be logged out of their sessions according to the normal timeout rules.