Business Partners are responsible for:

  • Assigning business partner and end customer users/administrators and ensuring access is only given to those who require it.
  • Configuring end customer password policies including MFA, session timeouts, password complexity, password aging, suspension policy.

Entity hierarchy 

VSM has two tiers of user management:

  1. Business Partner
  • A Business Partner user has access to (can see) all their own data and all the data of the customers belonging to them when assigned the Default role.
    • A BP can create a new role in Roles & Access that limits which customers that each of their users can access.
      • A BP can have Service Partner status so can also see customers shared (assigned) to them by another Business Partner who holds the primary customer contract.
        • The Service Partner can see all the data (Users, Customers, Locations and Equipment) of the shared customer. They can then apply their own Roles and Access to users for the shared customer.

     2. Customer

  • A Customer user can only see their own data. 

Permissions


There are three permission options that can be applied to both Customer and Business Partner users:

  • Administrator
  • Normal
  • Dashboard Only

Administrator Permissions

Administrators have full read/write access across their entity and any entities beneath them.  That means, a business partner administrator, has full access to edit and manage their BP account settings, as well as manage all the configuration and account settings of their customers. Note: Full access can be restricted using Manage Roles and Access.
An administrator can

  • Manage All Users (add, edit delete)
  • Manage All Scheduled Reports  (add, edit delete)

Normal Permissions

A normal user only has read permissions, and typically does not have edit permissions.  They typically can still access most of the same pages as an administrator, but will not have edit permissions.  Some administrative pages are hidden entirely from a normal user.

  • Manage all users (view only)
  • All Scheduled Reports is hidden

Dashboard Only Permissions

A DashboardOnly user can only view dashboards where 'Sharing' is set to Public on the Dashboard Settings page. When logging on they will be directed to the Dashboards Landing page. Clicking on a dashboard name will give the user the option to Open that dashboard.

  • When the user logs in they will land on the Dashboard landing page 
  • The user is able to open and view any dashboard that is set to public.

Creating New Users

To create or edit accounts you must have Administrator permissions. 


To add a new user navigate to:

  • Service Desk → Manage Customer → Manage Users
  • Administration → Manage Users

Click 'Invite User', and enter the email address for the new user and select the permissions required.

Tip: If you have more than one new Users to create then select the Invite Another box.

Click on the Invite button to send the Invitation email.

  • The user will be emailed an invite link, which they must activate in the next 24 hours, before it expires. 
  • Their email address is the Login ID
  • Once the user has accepted the invite, the administrator can further configure their access and assign them specific roles as needed. 




Service Partner

The intention of the Service Partner feature is to allow a Business Partner to outsource part, or all of the service management work to another Business Partner. This arrangement could be a full out-source of all work, just an occasional overflow, for geographic coverage, or on a pre-determined time-of-day basis. Time-of-day allows a Business Partner to offer extended hours of coverage, for example customer issues can be attended to 24 x 7 (without having to invoke a call-out) by engaging a Service Partner who is based in another time zone. Time-of-day is invoked only within workflows.


Within VSM, being a Service Partner (SP) is an attribute extension to being a Business Partner (BP).

A Business Partner configures themselves with the Service Partner attribute which advertises that they can take on work for other BP’s. There will be a commercial contract negotiation between the BP and SP (that Virsae and VSM is not privy to) that ensures the BP will pay the SP for the work they conduct.

Customers who have been shared via the Service Partner feature appear on the Business Partners landing page with the handshake symbol on the tile icon. If you see the handshake then this customer is not directly yours, and you do not hold the primary contract.

Service Partner rules enforced by VSM

  • The BP “owns” the customer and holds the master support contract.
  • The BP assigns a customer to an SP which effectively makes the customer visible to the SP. The SP can then see the customer on their partner landing page.
  • The SP can manage the assigned customer in all respects, except for the below. This includes using the Access Concentrator feature.
  • Some features are restricted so the SP cannot take actions that would materially change the terms & conditions agreed between the BP and the customer.
    • The SP cannot delete the customer
    • The SP cannot add users on behalf of the customer (for data security)
    • The SP cannot change the customer subscriptions
    • The SP cannot change the workflow used by the customer   
    • The SP cannot change the ‘Billing via AppFoundry’ for a Genesys Cloud Service
    • Administrator and Normal User permissions are respected - A SP Normal User does not have more permissions to a shared customer than to their own customer


Account Settings


Policies around Multi-Factor authentication, password settings, and session timeouts can be configured at a customer level, and applied to all users for by default. 

Account settings are configured under Service Desk → Manage Customer.


Password Policy

Password Aging

This setting is disabled by default.  If enabled, the policy forces a user to change their password after a specified number of days.

Password History

This setting is disabled by default.  The enforce password history setting determines the number of unique passwords associated with a user account, before an existing old password can be reused.   The maximum value is 24.  The minimum value is 1. 

Timeout Policy

Idle Timeout

This setting is disabled by default.  If enabled, it determines the number of minutes of inactivity before the user session times out and the user is redirected to the login page. 

The minimum value is 1 minutes. 

Dashboards and existing remote access sessions are exempt from this session. 

Suspend account on Inactivity

This setting is disabled by default.  

If enabled, the account suspension on inactivity policy setting determines the number of days an account is idle (if not logged in), before it will be suspended.  

The maximum value is 120.  

Once suspended, a user's account status will change from active to suspended.  The user will no longer be able to log on.  To re-enable the account, an administrator must edit the account and reset to active. 

Multi-Factor Authentication (MFA)

Enable Multi-Factor Authentication

Multi-factor Enabled will force one time code based MFA on all users, unless they are specifically excluded from this on their user profile.

Any user without MFA will be forced to set this up on their next Login.

Information on setting up MFA can be found here...

Allow MFA 'Remember Me'

This setting allows users to skip entering the MFA one time code the next time they log on. This only takes effect on the machine and browser the Logon used, while the cookies are persisted.

Over-riding account settings

These account settings can be over-ridden on a per-user basis by an Administrator by editing the specific user.

Roles and Access


It is possible for business partners to configure which customers, locations, or equipment their users have visibility of, this is configured under 'Manage Roles and Access'.  By default all newly created users have visibility of all customers, locations, and equipment within their entity realm.


Detailed information on configuring custom roles and access can be found under Manage Roles and Access


Managing Users


  • Administration → Manage Users, or 
  • Service Desk → Manage Customer → Manage Users

If you are an Administrator then it is possible to: 

  • Reset user password
  • Change user password
  • Update user account details
  • Over-ride customer account policy settings
  • Update user details
  • Update permissions
  • Suspend/Unsuspend user accounts
  • Delete user accounts


  1. To Edit an existing user, click on the Full Name or select View
    1. User details are presented
    2. Select the Edit button and amend fields. Then select Save.
  2. To Delete an existing user, click on the …More menu next to the user name and select Delete from the menu options:
    1. A Confirm Delete popup is presented
    2. Type the word ‘delete’ to confirm and select OK.
  3. To Reset a Password for an existing user, click on the … More menu and select Reset User Password from the menu options:
    1. A Confirm Reset Password popup is presented
    2. An email will be sent to the user with instructions to reset their password once the OK button has been selected.


  • To edit accounts you must have Administrator permissions. A normal user can view account details and edit some details of their own account.
  • Use Edit to Suspend an account. Change the account status to Active to unsuspend.

Account suspension

Accounts may be suspended due to:

  • Incorrect password entered more than three times (account is temporarily suspended for 30 minutes).
  • The customer, or business partners has enabled account suspension on inactivity under account details. 
  • Manually suspended by an Administrator. 


Switching Entities - BP only


Sometimes as a business partner, it is desirable to assume the entity of one of your customers.  For example when doing a demo for that customer.


To assume another entity, click on 'Edit Profile' in the top left.  Click Edit, and change entity as needed. 




To switch back to your default entity, click edit profile, and click 'Reset Account' at the bottom of the page



  • No labels