Overview
This reference lists the definition of each permission you can configure in the Persona Dashboard. Permissions are categorized by product.
You can create roles for users in the Dashboard, and set granular permissions for each role. To learn more about roles and permissions, see our documentation here.
Note: You may see permissions for features you don't yet have access to. Reach out to your customer success manager or support@withpersona.com with any questions.
Inquiry
| Permission | Description |
|
View all inquiries and associated analytics |
Allows a role to view and filter a list of Inquiries in the All Inquiries page, and use Inquiry Analytics in the Dashboard. |
|
Redact an inquiry |
Allows a role to redact an Inquiry using the Redact Inquiry button on an Inquiry page. This irreversibly deletes all PII. |
|
View a specific inquiry’s details |
Allows a role to view a specific Inquiry in the Dashboard, including PII in the Overview tab of the Inquiry details page. |
|
Take actions on an inquiry |
Allows a role to approve or decline an Inquiry. |
|
View configuration of an inquiry template |
Allows a role to view how an Inquiry Template is configured on the Inquiry Templates page. |
|
Configure any inquiry template |
Allows a role to edit Inquiry Template configurations on the Inquiry Templates page. This includes the ability to update screen copy and change the number of allowed verification attempts. |
|
View an inquiry’s full SSN |
Allows a role to view the SSN field on the Inquiry details page in the dashboard, if SSN is present. (Not all Inquiries include an SSN.) |
|
View a verification’s ID number |
Allows a role to view the identification number from a Government ID Verification on the Inquiry details page in the Dashboard. |
|
Ability to export inquiries |
Allows a role to export a zip file of Inquiry data from the All Inquiries page. |
|
View all PII on an inquiry and related objects |
Allows a role to view PII fields on a specific Inquiry in the Dashboard. |
Verifications
| Permission | Description |
|
View a specific document verification extraction configuration details |
Allows a role to view Document Verification extraction settings in the Inquiry Template Editor, including which extractions are required. |
|
Edit a specific document verification extraction configuration details |
Allows a role to edit Document Verification extraction settings in the Inquiry Template Editor, including which extractions are required. |
|
View a verification’s full SSN |
Allows a role to view the SSN field on a Verification, if SSN is present. (Not all Verifications include an SSN.) |
|
View a verification’s ID number |
Allows a role to view the identification number from on a Government ID Verification, on the Verifications details page in the Dashboard. |
|
View all verifications and associated analytics |
Allows a role to view and filter a list of Verifications on the All Verifications page, and use Verification Analytics in the Dashboard. |
|
View a specific verification’s details |
Allows a role to view a specific Verification in the Dashboard, including PII and Verification check details. |
|
View normalized Verification files in Dashboard |
Allows a role to view Verification images in the dashboard (e.g. government ID or selfie images). |
|
Take actions on a verification |
Allows a role to redact a Verification. |
|
View document in Dashboard |
Allows a role to view a Document Verification using the document viewer in the Dashboard. |
|
View a specific document’s details |
Allows a role to view fields extracted from a Document Verification in the Dashboard. |
|
View a specific verification template’s details |
Allows a role to view how a Verification Template is configured (e.g. which Verification checks are required, and other verification settings) in the Inquiry Template Editor. |
|
Configure a verification template |
Allows a role to edit Verification Template configurations (e.g. which Verification checks to require, and other verification settings) in the Inquiry Template Editor. |
Accounts
| Permission | Description |
|
View an account’s identification numbers |
Allows a role to view the identification number from a government ID verification on the Account details page in the Dashboard. |
|
View all accounts |
Allows a role to view and filter a list of Accounts on the All Accounts page. |
|
View a specific account’s details |
Allows a role to view a specific Account in the Dashboard, including PII on the Overview tab of the Account details page. |
|
Update account details |
Allows a role to edit Account information, including name, DOB, address, email, and phone number. |
|
Permanently delete an account’s personal information |
Allows a role to redact an Account using the Redact button on the Account details page. This irreversibly deletes all PII on the Account and its associated Inquiries. |
|
View an account’s full SSN |
Allows a role to view the SSN on an Account page, if SSN is present. (Not all Accounts include an SSN.) |
|
Ability to export accounts |
Allows a role to export a zip file of Accounts data from the All Accounts page. |
Transactions
|
Permission |
Description |
|
View a specific transaction’s details |
Allows a role to view a Transaction (e.g. field values, ID, event timeline) in the Dashboard. |
|
Write a specific transaction’s details |
Allows a role to create and update a Transaction (e.g. update the status, redact) in the Dashboard. |
|
View a specific transaction type’s details |
Allows a role to view a Transaction type’s configurations (e.g. fields, statuses) in the Dashboard. |
|
Write a specific transaction type’s details |
Allows a role to create a new Transaction type and edit an existing Transaction type’s configurations (e.g. fields, statuses) in the Dashboard. |
Reports
| Permission | Description |
|
View all reports |
Allows a role to view and filter a list of all Reports run on end users on the All Reports page. |
|
View a specific report’s details |
Allows a role to view the results of a specific Report run on an end user, including PII. |
|
View a report’s full SSN |
Allows a role to view the SSN on a Report, if SSN is present. (Many Reports do not include an SSN.) |
|
Dismiss matches within Watchlist, PEP, and Adverse Media reports |
Allows a role to dismiss matches on Reports if they are deemed to be a false hit. This allows the Report to run on subsequent recurring runs. |
|
Create ad-hoc reports in Dashboard |
Allows a role to manually create Reports to enhance Inquiries and Verifications in the Dashboard, using Report Templates that are available in the Dashboard. (I.e. An org must have a PEP Report Template in order to create one ad-hoc.) |
|
Pause and resume individual recurring reports |
Allows a role to pause or resume a Report that is set to recur. |
|
Read report templates |
Allows a role to view a Report Template’s settings on the Report Template details page. |
|
Configure report templates |
Allows a role to configure a Report Template’s settings on the Report Templates details page. |
Cases
| Permission | Description |
|
Assign a case |
Allows a role to assign a Case to a particular user via the Dashboard. |
|
View cases (by default, only those assigned to you) |
Allows a role to view and filter Cases on the All Cases page. A user will only see Cases assigned to them, unless they also have the permission “View all cases, even those not assigned to you, and associated analytics” on the associated Case Template. |
|
View a specific case’s details |
Allows a role to view a specific Case in the Dashboard. If the role also has permission to view the underlying linked objects (ie Inquiry, Verification, Account, Report), they will see the associated PII. |
|
Resolve a case |
Allows a role to resolve a Case in the dashboard. They can set the status to approved, declined, or any other custom status defined on the Case Template. |
|
Create a case |
Allows a role to create a case in the Dashboard. |
|
View a verification’s ID number |
Allows a role to view the identification number from a Government ID Verification on the Case details page in the Dashboard. |
|
Redact a case |
Allows a role to redact a Case in the Dashboard. This irreversibly deletes all PII. |
|
Resolve a group of cases at a time |
Allows a role to bulk-resolve cases on the All Cases page. |
|
Ability to export cases |
Allows a role to export a zip file of Cases data from the All Cases page. |
|
View a specific case template’s configurations |
Allows a role to view a Case Template’s configurations (e.g. layout, assignment policies, custom statuses, etc). |
|
Update a case template’s configurations |
Allows a role to create new Case Templates and update an existing Case Template’s configurations (e.g. layout, assignment policies, custom statuses, etc). |
Workflows
| Permission | Description |
|
View all workflows |
Allows a role to view Workflows on the All Workflows page. |
|
Create new workflow and make updates to existing workflows |
Allows a role to create new Workflows and edit Workflows. |
|
View all workflow runs and associated analytics |
Allows a role to view all runs of a specific Workflow (ie all of the times that workflow has been triggered and what occurred), and analytics for that Workflow. |
|
View all workflow versions |
Allows a role to see previously published versions of a specific Workflow. |
Graph
| Permission | Description |
|
Ability to export graph text view |
Allows a role to export Graph query results as a CSV on the Graph Explorer page. |
|
Ability to view graph query results |
Allows a role to view the results of a Graph query on the Graph Explorer page, or via a saved query link. |
|
Ability to create graph queries |
Allows a role to create a new Graph query. |
|
Ability to view graph query templates |
Allows a role to view configurations for a Graph query Template. |
|
Ability to update graph query templates |
Allows a role to create new Graph query Templates and update configurations for existing Graph query Templates. |
|
Ability to view graphs |
Allows a role to view Graphs on the Graph Explorer page, and in Case and Account pages. |
|
Ability to update graphs |
Allows a role to update Graph configurations for use in Workflow conditionals. |
API
| Permission | Description |
|
View environment API keys |
Allows a role to view API keys. |
|
Rotate environment API keys |
Allows a role to expire and rotate API keys. |
|
View environment API logs |
Allows a role to view API calls that have been made within the current environment. |
|
View specific environment API log |
Allows a role to view the exact API log details within the current environment. |
Webhooks
| Permission | Description |
|
View current webhooks |
Allows a role to view webhooks currently configured on the Webhooks page. |
|
Create, update, delete, or rotate secrets to existing webhooks |
Allows a role to create new webhooks, update existing webhooks (e.g. add new events, change the endpoint), delete existing webhooks, and rotate secrets for existing webhooks. |
Team
| Permission | Description |
|
View all users of an organization |
Allows a role to view all users of an organization. Note: Many modules on Inquiries, Accounts, Cases, and other products will throw an error if this permission is not granted. |
|
Update other users’ settings |
Allows a role to update another user’s settings (e.g. update their role, issue a recovery code, or deactivate/activate them). |
|
View 2-factor authentication configuration for all users |
Allows a role to view whether users have 2FA configured or not. |
|
Update roles’ settings |
Allows a role to update permissions for all roles in the Dashboard. |
|
View all users audit logs |
Allows a role to view user audit logs. |
|
Expire current user’s user sessions |
Allows a role to sign out other users from existing sessions. |
|
View user sessions of all users |
Allows a role to view all user sessions. |
|
Update the availability of all users |
Allows a role to mark a Dashboard user as available or unavailable, for use in Case assignment policies. |
Organization
| Permission | Description |
|
View all invoice information |
Allows a role to view all invoices on the Billing page. |
|
View specific invoice information |
Allows a role to view a specific invoice details by downloading them from the Billing page. |
|
Configure your organization’s settings |
Allows a role to update organization-level information and security features. |