Users and Teams
In Report + Support, the team a user is in determines their level of access to the system. An administrator can create a number of teams and determine the permissions level of that team. Users can then be added to teams.
Teams can have any combination of the following permissions:
- Access to reports: access to all reports, access to reports based on a filter, access only to reports assigned to them or the team they are in, access to no reports.
- Access to view answers: A team can have some questions marked as "protected" which means that people in that team will not be able to view answers to those questions in reports.
- Access to redact questions: If a team has access to view a report and also permission to redact, they can also optionally be granted permission to edit free-text fields in the report or comments.
- Access to analytics: access to the analytics system. This can be for all reports, or (if the team has partial report access) just the report they can see, or (if the team has no report access) a custom subset of reports.
- Site content editor: access to edit site content, no access to edit site content. This can be granted on a per-site basis if there are multiple front-end sites for a licensee.
- Reporting form editor: access to edit wording and option lists on forms, and to edit outcome lists; no access to edit this data.
- User editor: access to create, edit and delete teams and view the audit log; access to add/delete users only from specific teams; no access to manage teams.
By default you have a single team known as the “Administrators” team which has full access to everything.
When creating teams which have a custom access to reports, you will be asked to select a question and then the potential answers to that question. When a report is submitted where that question has been answered matching the selected answer for that custom report level, then that team will have access to the report and will receive notification e-mails. Teams with a custom report level can also have other reports assigned to them (as individuals, or as the whole team) and they will have access to assigned reports, regardless of how the questions were answered.
Teams can also have notification e-mail addresses added to them. When an e-mail address is added to a team (for example, to a shared inbox), then that team e-mail address will receive a notification when a new report is raised (and the team has access to all reports, or it matches the filter that the team has access to), or a report is assigned to that team.
Creating New Teams
To create new teams, once logged into the dashboard, select “Users” from the top menu. This will show you a list of all teams, and the list of who is in each team. Select the “Create Team” icon at the top corner of the screen to create a new team.
The page that appears allows you to name the team, and choose which access level that team has. Some example teams you may want to create:
- IT managers. Report Access: None; Team Access: All; Site Access: None.\ This configuration allows someone to manage users in teams but have no access to the content of the system. (Note that this could allow someone to add themselves to another team which does allow access)
- Case Workers. Report Access: Assigned; Team Access: None; Site Access: None.\ This configuration allows a case worker to only see reports once they have been triaged and assigned to them.
- Triage Team. Report Access: All; Team Access: None; Site Access: None.\ This configuration allows a user to see all reports so they can be triaged.
- HR Team. Report Access: Custom (only when Reported User is staff); Team Access: None; Site Access: None.
- Content Editor. Report Access: None; Team Access: None; Site Access: All.\ This configuration allows a user to edit all the content on the website but can not see any submitted reports.
- Triage Team Leader. Report Access: All; Team Access: Custom (Triage Team, Case Workers); Site Access: None.\ This configuration allows a team leader to manage joiners and leavers in their teams, as well as triage users.
Feel free to create teams and permissions that are appropriate to your organisation. The above are simply examples.
Once you have the teams in place you wish to create, you can add users to them. To do this, use the “Create User” button in the top corner of the “Users” tab in the dashboard. You can either add a user using a username and password logon, or using a single sign-on system, if that is set up for your organisation.
If you are a non-SSO organisation then fill in their name and e-mail address on the add user page. You can then select which team this user will appear in. The user will then receive an e-mail with a temporary password. They can sign in using the dashboard and must change that temporary password on their first sign in. This temporary password is only valid for 7 days, and if the user does not log in within those first 7 days, the administrator must use the "reset user password" feature on the user page to generate a new password.
For single sign-on users, you can then enter their username as it exists in the single sign-on system and that single sign-on user will be assigned to the selected team. This requires an exact match between the username including any prefix and suffixes. If you want to add a user not using single sign on, you can tick the "Use email instead of SSO" box and use the process described above for adding a username/password user.
Selecting a user from the list on the “Users” page allows administrators to change that user’s name, e-mail address and team. If the user has two-factor authentication enabled, it also allows an administrator to disable that. This should be done with care, for example, if a user has lost their phone with the two-factor codes on it. Before disabling two-factor authentication, ensure you have fully verified the user’s identity.
You can also delete users from their user page, using the button at the bottom.
Users can update their own passwords by selecting the silhouette icon in the top corner and selecting Account Settings. This allows them to change their password, configure two-factor authentication, and set their e-mail notification settings.
If a user has forgotten their password, they can use the “Forgot Password” button on the login page which will e-mail them a temporary password.