Official translation unavailable. Translate this page with Google:

Using Access Roles helps you keep your entire labeling system secure. You can choose exactly what the members of your Access Roles can do and see in Control Center and other NiceLabel modules within NiceLabel Cloud and Label Management System products.

Learn how to manage Access Roles and Permissions

Use the Users > Access Roles page in Control Center to set User Privileges for your labeling system according to your own specific security policies. Access Roles allow you to assign different sets of privileges to Control Center users.

Note

LMSPro-LMSEnterprise

Before you can set user permissions, you must first enable authentication in your Label Management SystemControl Center.

After you enable authentication, log in to Control Center as an administrator to access theAccess Roles page.

Control Center includes default access roles with well-balanced permission sets:

Note

These default Access Roles have preset ranges of privileges. You can manually change the default permissions for each role except for the Administrator role.

NLCEssentials_NCBussines_NCCompliance_LMSPro_LMSEnterprise
  • Administration: All permissions granted. Members in this role have full Control Center privileges. Administrators can edit default roles, customize roles, and assign roles to users or groups.

  • Approver: Allows role members to review, approve, or reject labels or solutions in Document Storage. Approvers send documents to production.

  • Approver (second level): Allows role members to review, approve, or reject documents on the second document approval step. Approvers send documents to production.

  • Author: Allows role members to create or edit label templates and solutions. Members in this role can edit labels and forms, and have control over label production.

  • Operator: Allows role members to print labels and run solutions without editing. Members in this role have read-only access to Document Storage and cannot change any label templates or application configurations.

  • Service Provider: Allows your service provider to access your account for support, setup, and administration. This role has no members by default.

LMSPro-LMSEnterprise
NLCEssentials-NLCBussines-NLCCompliance
  • Cloud Integrator: Allows cloud integrators to access the Documents storage only. Cloud integrators use Cloud APIs, but for testing purposes, cloud integrators can also use Control Center UI.

Example 24. Example

John needs full access to Documents storage to upload printing solutions and make them available for production. Set John's Access Role to Author.

Annie needs access to the Reports page to prepare reports on printing consumables. You can assign Annie to any default Access Role.

Charlie is a printer operator. He only runs solution files in runtime mode and prints labels. Set Charlie's Access Role to Operator.

Martha is an account administrator. She needs access to all administrative features. Martha belongs in the Administration Access Role.


To learn how to edit default Access Roles or add new Access Roles, read Setting up Access Roles.

Multiple Access Role membership

If your users or user groups are members of multiple Access Roles, their overall security access sums up privileges of all access roles.

When your users are members of two Access Roles, Control Center grants them privileges from their highest Access Role and overrides privileges denied in other roles.

Example 25. Multiple Access Role membership

Charlie is a member of Operator and Author Access Roles. His Operator role grants him read-only access to files stored in Documents, but his Author role grants him full access to Documents. In this case, Charlie has full access to Documents.


Creating Access Roles

You can set up Access Roles for users in Control Center in two ways. You can edit default Access Roles, or create your own custom Access Roles from scratch. You can also duplicate the existing Access Role and then edit the copy.

  • Customize default Access Roles to comply with specific policies or procedures.

  • You can keep default roles, use additional customized roles for special use cases, or add new Access Roles.

Note

You can delete your customized Access Roles, but you cannot delete the default Access Roles.

When you delete your customized Access Roles, role members lose their permissions accordingly.

  1. To open Access Roles, go to Users > Access roles.

  2. You have three options:

    • To edit a default Access Role, click the role you want to edit.

    • To set up a new Access Role, click Add.

    • To copy an existing Access Role, select the role, then click Duplicate.

  3. Control Center opens Create New Access Role configuration page for editing.

    1. In Settings, type the role name and description. Make these easy to differentiate from other roles. For default Access Roles, you can edit the role description already there.

    2. Set the role Status. Toggle Active to make the role available immediately. Toggle Suspended to make the role unavailable.

      Note

      Default Access Roles are always active. You can only change the Status of new roles you create manually.

    3. Set Permissions for this Role. Define which tasks the members of this Access Role can perform. To learn more about setting permissions, read Setting role permissions.

    4. In Users in this Role click Add to add individual users or user groups to your access role. A new pop-up window opens.

      NLCEssentials-NLCBussines-NLCCompliance
      • All lists all users that belong to your company's Azure Active Directory and guest users.

      • Guest users lists all users that are invited or have already signed up to the cloud Control Center using an invitation link.

      LMSPro-LMSEnterprise
      • Application users lists all existing users who authenticate themselves using application authentication.

      • Application groups lists all existing groups of users who authenticate themselves using application authentication.

      • Windows users lists all users that are defined in your company's Active Directory.

      • Windows groups lists all groups that are defined in your company's Active Directory.

  4. Click Save.

Your Access Role is configured and ready to use.

Note

You can also create an Excel table with a report of all Control Center users and their Access Roles In the Report of Users and Access Roles window click Create report.

Access Role Permissions

Setting Permissions for your Access Roles helps you keep your entire labeling system secure. You can choose exactly what Access Role members can do and see in Control Center and other NiceLabel programs.

Note

NiceLabel recommends using default Access Roles due to their well-balanced Permission sets. Before you configure Permissions, consider your security policies and set Permissions for each Access Role carefully.

For security, your users in different Access Roles need different levels of access to files, folders, and actions when they use Control Center. NiceLabel groups common Permissions levels into default Access Roles. Administrators can customize or create new Access Roles. Use the Permissions for this role section in Access Roles to control which actions or settings are available to members of each Access Role.

To set Access Role Permissions, follow these steps:

  1. Log in to Control Center as an Administrator.

  2. Go to Users > Access Roles.

  3. Add a new Access Role or click on an existing Access Role from the list.

    Create New Access Role

  4. Set your Permissions.

    The Permissions for this role section includes multiple tabs with lists and detailed descriptions of available Permissions.

    • To grant specific Permissions for this role, select your checkboxes.

    • To disable specific Permissions for this role, clear your checkboxes.

      Note

      Disabling Permissions also makes them invisible to your Access Role members.

    19_permissions_for_this_role.png
    • Use the General tab to set your global Role Permissions for your NiceLabel modules and decide what users in this role can do in your labeling system. For example:

      • Run NiceLabel programs:

        • Designer

        • Print

        • Automation

      • Edit documents

      • Print labels

      • Run forms

      • Edit global variables

      • Edit options

      • Upgrade and deactivate licenses

    • Use the remaining tabs to set Role Permissions that are specific for Control Center. These Permissions apply when your users log in to Control Center. The following Permissions tabs correspond to pages in Control Center:

      • Overview: Set access to the overview page in Control Center .

      • Documents: Set general, default, and custom Permissions for Documents storage: archiving/restoring, purging, setting workflows, etc.

        Note

        To learn more about file access control options, read File Access Control.

      • Applications: Set Permissions for Applications and Cloud Integrations management.

        Note

        You can also enable running NiceLabel Automation Manager.

      • Printers: Set Permissions for print queue viewing and management, printer group configuration, reservations, and cloud printers.

      • History and Analytics: Set Permissions for viewing errors, alerts, print job logs, label reprinting, viewing data, and system audit logs.

      • User Management: Enables your user to manage your authentication settings, Access Roles, Application users and groups, and Application user password settings.

      • Administration: Set multiple administrative permissions for Control Center Access Role users.

  5. Click Save to apply your permissions.

Your custom Access Role Permissions are saved and applied in Control Center and other NiceLabel programs.

Access Roles

LMSPro-LMSEnterprise

The Users page allows you to assign Access Roles to your added users. This is how you define the level of privileges your newly added user has in Control Center. Read more about the Access Roles and the related User Privileges in the section Managing User Privileges.

To assign Access Roles to your application user:

  1. Go to Users > Users

  2. Click on the user from the list. The user configuration page opens.

  3. Under Access Roles click Add.

  4. The Add Roles dialog opens. The available Access Roles are listed. Assign your user the appropriate role(s).

  5. Click OK.

  6. Click Save.

Your user is now a member of the selected Access Role with all the corresponding User Privileges.