Setting Up Custom Permissions

The ability to customize access and permissions is vital for maintaining operational security and efficiency.

InsurFront’s robust permission management system empowers super administrators to meticulously define and control permissions for roles, individual users, and API keys.

Understanding the Scope of Permissions

Permissions in InsurFront are intricate and far-reaching. They dictate what features and data users can access within the InsurFront UI and, crucially, they also influence data access through the API using individual API Keys. This dual impact ensures that permission settings in the UI are consistently mirrored in API interactions, providing a cohesive and secure user experience.

For super administrators, the journey of setting up custom permissions begins in the System Settings. By navigating to Settings > System Settings > Permission Management, super administrators are presented with a comprehensive interface where they can configure permissions for the platform's entire range of features and data.

API Interaction and Permissions

The flexibility and detail of InsurFront's permission system extend to its API interactions, providing a seamless alignment between the UI and the API.

Using the 'GET /systemrolepermission' Endpoint

Developers can utilize the 'GET /systemrolepermission' endpoint to fetch permissions associated with a specific API Key. This endpoint serves as a valuable tool for understanding the scope of access granted to an API Key, aiding in the development and debugging of API integrations.

Permissions in the User Object

Within the API’s User object, there is a field labeled 'SYSTEM Permissions', which contains a unique identifier for each user's permission set. This unique ID can be used in conjunction with the 'GET /systemrolepermission' endpoint. By supplying the user's permission unique ID in the 'id' parameter of the request, it's possible to retrieve the specific permissions assigned to that individual user. This functionality is instrumental for integrations or applications that require a detailed understanding of a user's access rights.

Leveraging Webhooks for Real-time Updates

In addition to direct permission queries, InsurFront supports real-time updates on permission changes through webhooks. These webhooks can be set up via the Developer > Webhooks page in the InsurFront UI. Once defined, these webhooks provide immediate notifications about changes to the permissions structure, allowing integrated systems or applications to stay synchronized with the latest permission settings. This real-time update mechanism ensures that all parts of the system reflect the current permissions landscape, enhancing security and operational coherence.

The Impact of Custom Permissions

The ability to define custom permissions in InsurFront is more than a feature; it's a fundamental aspect of the platform's security and usability. By granting super administrators the power to precisely control access to features, data, and API functionalities, InsurFront ensures that each user has exactly the tools and information they need to perform their role effectively. This precision not only bolsters security by adhering to the principle of least privilege but also enhances user experience by streamlining interfaces and interactions according to role-specific requirements.

In conclusion, setting up custom permissions in InsurFront is a straightforward yet powerful process. The platform's immediate application of changes, detailed API interaction capabilities, and real-time webhook notifications for permission updates collectively create a robust, secure, and adaptable permission management ecosystem. Whether adjusting access for a role, an individual user, or an API key, InsurFront provides the tools and capabilities necessary to tailor the platform to the unique needs and workflows of your insurance operations.

Actions and data permission types

Customers

  • Add documents: Upload documents to share with customers and to be viewed internally.

  • Archive accounts: Allows the user or API to archive any customer account, not to be confused with platform users (which could be agents or customers).

  • Create account: Allows the user or API to create a customer account from the 'Customers' page or through the applicable Account object endpoints.

  • Manage notes: Allows the user or API to add new notes and edit their own notes, as well as archive any other notes. Notes cannot be deleted.

  • View billing: Allows the user or API to view payment schedules, invoices, and billing terms of any customer account.

  • View documents: Gives the user or API data access to account documents.

  • View sensitive information: Gives the user or API data access to potentially sensitive customer information, including personal ID numbers/SSNs, date of birth, etc.

Quotes

  • Conduct reviews: Gives the user or API access to quote version review workflows in cases where a decision wasn't made automatically according to the auto-approval conditions of the agent that calculated the quote.

  • Number of reviews required: This is a numeric field applicable only if "Conduct reviews" is enabled. It indicates how many individual approvals are required for this user's approval to be confirmed. Since approvals must be unanimous, a rejection is confirmed immediately, while an approval is confirmed only when this number of approvals has been reached with no rejections. If other reviewers have a lower threshold of required reviews, the lowest number will apply. For example, if the initial reviewer requires 4 reviews, the second reviewer requires 3 reviews, and the third reviewer requires 4 reviews, the third reviewer's approval will confirm the approval.

  • Allow escalation: This permission will let the user or API escalate a rejection to an agent that is authorized to handle an escalation. That authorized agent will then be able to override the rejection.

  • Handle escalations: With this permission, the user or API will be able to make an override decision on an escalated quote version. This scenario would occur if a reviewer rejected a quote version and an authorized agent escalated the issue.

  • Allow auto-approval: With this permission, the user or API can finalize a quote version without requesting a review. Limits to auto-approval of policies with adjustments are managed separately.

  • Discount limit (%): This is a percentage amount field. It acts as the discount limit for auto-approval, as a percentage of each policy's subtotal premium. This limit may be overwritten by product-specific limits. 'Allow auto-approval' permission must be enabled for the limit to apply.

  • Surcharge limit (%): This is a percentage amount field. It acts as the surcharge limit for auto-approval, as a percentage of each policy's subtotal premium. 'Allow auto-approval' permission must be enabled for the limit to apply.
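
The "Number of reviews required" rule above, modelled as an added example (not InsurFront's own code) so the threshold interaction can be checked before roles are configured. The Review type, the decide function and the reviewer names are hypothetical, and the example assumes the "lowest number" is taken across the reviewers who have reviewed so far.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Review:
    reviewer: str      # hypothetical reviewer identifier
    can_review: bool   # reviewer holds "Conduct reviews"
    required: int      # reviewer's "Number of reviews required"
    approve: bool      # True = approval, False = rejection


def decide(reviews):
    """Return 'approved', 'rejected' or 'pending' for reviews in arrival order."""
    seen = set()
    thresholds = []  # thresholds of the reviewers who approved so far
    for r in reviews:
        if not r.can_review:
            raise PermissionError(f"{r.reviewer} lacks 'Conduct reviews'")
        if r.required < 1:
            raise ValueError(f"{r.reviewer}: required reviews must be >= 1")
        if r.reviewer in seen:
            continue  # approvals are individual: one vote per reviewer
        seen.add(r.reviewer)
        if not r.approve:
            return "rejected"  # unanimity: a rejection is confirmed at once
        thresholds.append(r.required)
        # Assumed reading: the lowest threshold among participants applies.
        if len(thresholds) >= min(thresholds):
            return "approved"
    return "pending"


# Constructed sample: the page's example (thresholds 4, 3 and 4).
PAGE_EXAMPLE = [
    Review("reviewer-1", True, 4, True),
    Review("reviewer-2", True, 3, True),
    Review("reviewer-3", True, 4, True),
]

if __name__ == "__main__":
    print(decide(PAGE_EXAMPLE[:2]))  # pending
    print(decide(PAGE_EXAMPLE))      # approved
```

Because the lowest threshold wins, a single role configured with a required count of 1 lets its holder confirm an approval alone, whatever the other reviewers' settings are.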
