Roles and Permissions control which Pendo features internal users can access. The role given to a user provides granular permissions, including access to guide creation, editing, and publishing, Page and Feature tagging, analytics tools, sharing capabilities, and settings. In a multi-app subscription, users can have different roles for each application.
This article summarizes the current user types and roles available, how to invite users, and how to add or edit user roles. For information about the legacy version, see the Legacy User Roles and Permissions article. For information about Roles and Permissions in Pendo Feedback, see Manage Team: Roles and Permissions in Feedback.
Prerequisites
You must be a Pendo Admin user to:
- Change another user's role.
- Create custom roles.
Only Pro and Enterprise-tier subscriptions have access to custom role creation.
User types
There are two user types in Pendo Engage:
- Subscription Admin. This is a subscription-level role. Admins have full access to the Pendo subscription, including its features, users, settings, metadata, and integrations. The role also includes any configuration visible to the entire subscription, such as guide themes, core events, PES, and product areas. Admins can also invite new users, change the role of a user, remove users, and create custom roles.
- User. Users have Viewer role access to the Pendo subscription. You can control the visibility of the reports and segments in at the subscription level (subscription-level permissions) and additional app-level roles.
Subscription-level permissions
Admins are granted access to the entire subscription. Any other User can be granted the following subscription-level permissions:
- Create Reports for Everyone. This permission grants the ability to set report visibility to Everyone in the subscription. When disabled, reports created by the user are only visible to themselves.
- Create Segments for Everyone. This permission grants the ability to set segment visibility to Everyone in the subscription. When disabled, segments created by the user are only visible to themselves.
App-level roles
If you choose the User type, you're also prompted to choose app-level roles (Analyst, Guide Content Creator, and so on), which define specific sets of permissions for that role. Admin users are granted all permissions. As a subscription-level role, you don't select app-level roles for the Admin user type.
App-level roles manage a user's access to guides and analytics features for each of your applications in Pendo. You can assign multiple roles to a user to give them the right combination of permissions. For example, a user could be assigned the Guide Publisher and Analyst roles to manage guide content and analytics tags without being able to create new guides. If you give the same user two roles, one of which has permission to create a guide and the other doesn’t, the user is still granted the ability to create guides.
Default app-level roles
The following table lists the default app-level permissions for different user roles. If you're a Validate customer, you're additionally given Validate-specific roles to choose from. For information about these specific roles, see Validates ideas.
Administrators have all of the listed permissions and are included in the final column of the following table for comparison. The top headings are User roles, and the possible app-level permissions associated with each role are listed on the left. None of these roles can manage guide themes or invite new users, which are activities reserved for Admins.
| Viewer (Default) | Guide Creator | Guide Publisher | Guide Content Editor | Analyst | Resource Center Author | Resource Center Publisher | Admin* | |
| Create and edit guides from scratch | Yes | Yes | ||||||
| Create and edit guides from layouts/templates | Yes | Yes | Yes | |||||
| Delete draft, staged, and disabled guides | Yes | Yes | Yes | Yes | ||||
| Publish and schedule guides | Yes | Yes | ||||||
| Create, edit, and delete Pages, Features, and Track Events | Yes | Yes | Yes | Yes | ||||
| View metrics and create reports | Yes | Yes | Yes | Yes | Yes | Yes | ||
| Create and edit the Resource Center | Yes | Yes | ||||||
| Promote the Resource Center to staging | Yes | Yes | Yes | |||||
| Promote the Resource Center to production | Yes | Yes | ||||||
| Disable the Resource Center or demote to draft | Yes | Yes | ||||||
| Delete the Resource Center (Admin-only) | Yes | |||||||
| Manage core events and PES (Admin-only) | Yes | |||||||
| Manage product areas (Admin-only) | Yes | |||||||
| Manage guide themes (Admin-only) | Yes | |||||||
| Manage settings, including inviting users (Admin-only) | Yes |
Users can have different roles for each application in your multi-app subscription. A user that only needs to create guides in one app can be a Guide Creator in that app and a Viewer in all other apps.
Viewer is the default role automatically assigned to all apps for all users and can't be unassigned. Roles and permissions can't limit data visibility. All users can see all data in the subscription.
Custom app-level roles
Customers in the Pro and Enterprise subscription tiers also have access to Custom Roles. Custom roles allow admins in the subscription to save new sets of permissions as app-level user roles in addition to the default roles provided by Pendo. There are additional granular permissions that control the level of access to various Pendo features.
You can choose any combination of permissions. Multiple roles, custom or default, can be assigned simultaneously during user setup. You have the flexibility to provision users in the way that's most convenient for you. For example, you can create a custom role for a team to provision those users or create roles by Pendo product area to provide deliberate access to certain features.
Permissions are available for Guides, NPS, Resource Center, Tagging, and Product Setup. All users have Viewer access to Dashboard, Product, People, Behavior, and Guides, which allows them to create reports and view analytics in the subscription.
Create custom roles
Manage custom roles on the Custom Roles tab in User Settings. Custom roles are only available to admin users in Pro and Enterprise subscriptions.
To create a custom role:
- Select + Create Custom Role.
- Enter Custom Role Details.
- Select permissions for each product area. For a list of available permissions, see Custom roles permissions list in this article.
- Select Save Custom Role.
This adds the new role to your custom roles, which can now be assigned when applying roles in User Permissions.
Custom roles permissions list
Custom roles can use any combination of the following permissions. Giving a user multiple roles gives that user any additional permissions assigned to that role. A permission that is assigned in one role but not unassigned in another is assigned to the user if both roles are applied.
Invite internal users
Only Pendo Admins can create new users by inviting them. To invite users:
- Go to Settings > Users, accessed from the bottom of the left-side menu.
- Select + Add User in the top-right corner of the page.
- Choose the appropriate user type: Subscription Admin or User.
- Enter the user details (name and email address).
- If choosing User Permissions, select the subscription-level permissions for sharing and editing segments and reports.
- If you're a Validate customer, choose the appropriate roles for the user. For information about Validate roles, see the Validate ideas article.
- If choosing User Permissions, select the apps and user roles to assign the associated permissions to the user. Roles can be assigned to multiple apps at the same time to apply roles quickly. Select a single app to adjust roles for only that app. Select multiple apps to adjust roles for all them at the same time.
- If you're a Feedback customer, select the appropriate permission group from the dropdown menu.
- Select Invite User in the bottom-right of the form. Users then receive an email invitation to create an Adopt account.
Warning: Sometimes a "no-reply" email is automatically blocked or filtered to spam. Advise your IT team to allow the no-reply email address through filters.
Assign roles to a user
Pendo admin users can assign roles when creating a new user or editing an existing user. Admins can't edit their own roles and must instead be assisted by another admin in the subscription. This is best practice for role provisioning and prevents the only admin in a subscription from accidentally unassigning their own admin role.
Note: If a user hasn't accepted their invitation, their profile doesn't appear in the Users list.
Users for the subscription are managed in Settings > Users. Select an existing user from the Users table and then Edit User in the panel that slides out on the right. From here:
- Choose the user type: Subscription Admin or User.
- Edit the user details (name and email address) as appropriate.
- If choosing User Permissions, select the subscription-level permissions for sharing and editing segments and reports.
- If you're a Validate customer, choose the appropriate roles for the user. For information about Validate roles, see the Validate ideas article.
- If choosing User Permissions, select the apps and user roles to assign the associated permissions to the user. Roles can be assigned to multiple apps at the same time to apply roles quickly. Select a single app to adjust roles for only that app. Select multiple apps to adjust roles for all them at the same tieme.
- If you're a Feedback customer, select the appropriate permission group from the dropdown menu.
- Select Save Changes in the bottom-right of the form.
Remove a user
Only admin users can remove other users from a subscription. They can't remove themselves. To remove users from a subscription:
- Go to Settings > Users.
- Find and hover over the user.
- Select the trash icon at the end of the row.
- Select Remove User.
Any guides, public reports, and segments created by the removed user remain in Pendo, but the creator no longer has access to the subscription to view or edit them. Reports and dashboards created by a removed user can't be edited by other users, but admin users can delete these reports and dashboards.