You probably don’t want this guy touching your API keys.
And you definitely don’t want this guy adjusting the settings of your domains.
Introducing role-based access control for dashboard users. You can finally get some sleep at night knowing that a rogue marketer isn’t messing with your Mailgun account.
With these new user management features, you can better map a user’s Mailgun access to the privileges they need for their job responsibilities.
We added multi-user accounts a couple years ago, but every user was given full access to everything in Mailgun. Now, with this subuser functionality, you’ll be able to set up a Mailgun account as an “Admin,” then grant permission to various people in your organization who can only view reports or manage billing, for instance.
It reduces the risk of account compromise, and it gives you more control over what users can (and can’t) access. Plus, it makes the dashboard experience more straightforward for folks from marketing and accounting who think APIs are great and all but have no idea what they actually are.
We’ve added several additional roles so you can safely expand access to other members of your team who could benefit from a few guardrails. Each user on your account can belong to one of the following roles:
Analyst: Analyst users have limited access to the control panel. They are allowed to read most data in the dashboard, except for sensitive information like API keys and SMTP passwords. We’ve designed this role for marketers, product managers, and other users who would like access to reporting features.
Billing: Billing users can change payment settings, review invoices, and inquire about billing issues, but they will not be able to make account-level changes. Many organizations have billing administrators who are responsible for managing spend and paying invoices, and this role is for them.
Support: In addition to read privileges, support users have the ability to edit suppressions, manage mailing list members, and open/comment on support tickets. This role is designed for users in your organization who may need to troubleshoot deliverability issues for recipients.
Developer: Developer users have access to read API keys and SMTP credentials so they can configure applications that are leveraging Mailgun. It’s a highly trusted role that has the ability to manipulate most settings on the account, except for editing account details and managing control panel users, API keys, and SMTP credentials.
Admin: Admin users have full access to the account. They can add and remove dashboard users, manage credentials, and do everything a Developer user can do. In other words, they can do everything.
So why these five roles? Why not 5,000? The short answer is that we wanted to keep user management simple. To do that, we looked at the most common tasks our non-developer users were doing in Mailgun and created roles that would give them just enough permissions to get the job done. We could have come up with thousands of configurable options to solve for every use case, but that would have overcomplicated something that needs to be straightforward.
As part of this release, we’ve also provided additional features to manage the owner of the account. There can only be one owner per account, but the existing account owner can transfer ownership to another account user. Account owners receive all account communication and can’t be removed by any other user on the account.
Role-based access control is rolling out today, but you won’t notice much of a difference unless you manage your account settings. All current users will become Admin-level users by default.
To assign different roles to your account’s users, please visit the Account section of the control panel. There, you can choose the appropriate permissions level for each user. And when it’s time to add new users to your account, you’ll be able to easily select a role upon user creation. You can also find information about managing user roles in the docs.
Don’t yet have a Mailgun account? Sign up now. Mailgun makes it easy to send, receive, and track your transactional and marketing emails. Try us out with your app!
Last updated on January 09, 2020