How can I grant “Read Only” community access to employees? The use case is that we want to encourage employees to monitor what our customers are saying in the community but prevent them from posting until they have approval and training. Another use case is Sales people showing the community during product demos. We do want them to showcase the community but don’t want them to post or reply while logged in as a “demo user,” and we want to be able to filter these users out of our monthly reports. I tried searching for articles and other discussions on this but didn’t find anything.
Hi
The best way to manage this is via custom roles. You can read more about this here:
And more about how to set up custom roles here:
Once you have a custom role set up for your colleagues that do not have approval to post on the community you can restrict their ability to post in a Community category by following this guide:
Oliver’s reply is correct / the best for “how to” restrict, but adding some context:
There’s not a holistic “read-only” setting for the entire community, nor a way you can apply permissions for a Custom role across each part of the platform. So you’ll need to do this for each Platform area where there are posting/replying permissions:
- Community - for every single category
- Knowledge Base
- Product Updates
- Ideas
Groups don’t have permissions, so this is a gap in your ability to restrict posting/replying, so hopefully the restrictions elsewhere (and your guidance) can cover it.
Thanks for the info
I have also been thinking about this this week.
The issue I have is we will have Employees who contribute, and those who do not, i.e. View only.
As you rightly say, permission are cumulative starting with Primary Roles.
The solution I have come up with is thus.
Primary Role | Custom Role | |
---|---|---|
Registered User | Employee - Contributor | This custom role serves only for Reporting and analytics |
Unregistered / not logged in | Employee - Viewer | The primary role serves no purpose and the custom role can be created to be made as view only.
|
This requires assigning to NON contributing employees the unregistered Primary role.
permissions are additive between primary and custom roles, and primary roles are fixed - they cannot be edited and you cannot create any new ones. So if an employee has the primary role of “Registered User” (the main role assigned to nearly all community members) and the custom role “Employee,” I would not be able to revoke posting permissions using the custom role unless I also revoked that permission for the primary role which would then impact all other community members. I assume I would then have to create another custom role (for all non-employee members), assign it to everyone else (many thousands of members) and grant that custom role posting permissions.
My community pushes a custom role for each type of user (Customer / Partner / Employee) via an automation based on their Salesforce contact.
Depending on what roles you’d want, I’d recommend doing something like that. Having the custom roles not only allows you to set permissions the way you want, but helps with quick analytics and metrics you’ll like be asked. The analytics dashboards are filterable by custom roles, so taking the time to set up for permissions will provide an ROI when someone asks you for role-based metrics.
I’m currently doing this using a Zapier to send new posts to a slack channel. I then invited all the product teams to that Slack channel so they could monitor the incoming questions.
https://slack.com/help/articles/201355156-Configure-your-Slack-notifications#keyword-notifications
I have used it with great success with Account names (when I was a CSM I could see any discussions around MY accounts) and for Community Topics pushed to slack, I could quickly find pieces I am interested or well versed in.
I used key words on slack so I can find any conversations where they are whispering about the community! It’s a handy tool!
I will look into pushing notifications into Slack - that looks interesting, though it would address different workflows/use cases than the one I originally posted about here.
Or the very simplest solution. Backfill all the existing users with a custom role: staff or not-staff.
Then build an automation via Zapier or another tool based on the new-user is created webhook event.
After everyone has a custom role (and you know net-new users will have one too), you can set permissions for posting based on if they have that or not.
- New user signs up
- Filter by domain
- If contains your domain, assign employee role
If not, assign non-employee role
That + a backfill of the existing accounts using the bulk action for adding a custom role, should get you to where you need.
I will look into pushing notifications into Slack - that looks interesting, though it would address different workflows/use cases than the one I originally posted about here.
When a user first logs in / registers, sure, they will receive the Registered User role.
But that does not mean they keep it forever.
You can change it and the role will not be “reset” to Registered User on the next log in.
Reply
Sign up
If you ever had a profile with us, there's no need to create another one.
Don't worry if your email address has since changed, or you can't remember your login, just let us know at community@gainsight.com and we'll help you get started from where you left.
Else, please continue with the registration below.
Welcome to the Gainsight Community
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.