Note for accounts using Sales Records: This article includes a Legacy components section with additional information that applies to your account.
All users in AMS+ must be assigned to a Security Group. The Security Group controls what users can see and do in AMS+. We recommend this article to agency administrators who may be creating and managing users.
Requirements
- You must be logged into AMS+ as an Agency User.
- You must be assigned to a Security Group with the Manage Security Groups & Teams permission.
In this article
Navigating to Security Groups
To access Security Groups, go to My Agency Settings > Security Groups.
User types
The User Type controls the options you have for setting permissions and access. When creating a Security Group or assigning users to a Security Group, it's good practice to check the User Type and make sure it's the right fit.
- Agency User — Intended for agency staff or agents that have multiple roles and responsibilities. Allows for custom access to all areas and records in AMS+.
- Agent CRM User — Intended for agents that only need access to their book of business (up to a total of three), run reports, and download commission statements.
- Agent Statement User — Intended for agents that only need to download their commission statements.
Here are the areas and records that users of each type can access:
| Areas and records in AMS+ | Agent Statement User | Agent CRM User | Agency User |
|---|---|---|---|
| Group | - | Limited | Full |
| Individual | - | Limited | Full |
| Policy | - | Limited | Full |
| Agent | - | - | Full |
| Carrier | - | Limited | Full |
| Commission (Commissions+ only) | - | - | Full |
| Commission Statements | Limited | Limited | Full |
| Reporting | - | Limited | Full |
| Administrative (Data & Custom Fields, Teams, Users, Security Groups, Email Association, etc.) | - | Limited | Full |
| Marketing & Automation (if activated — Email Marketing or Automated Workflow) | - | - | Full |
| Engage+ (Manage Engage+ Content Library, Manage Social Media) | - | - | Full |
| Dashboard (View Agency Dashboard) | - | - | Full |
| Restrictions (Restrict login by IP address) | - | - | Full |
*The Agency User type is fully customizable. By default, it gives full access to everything in AMS+, but you can limit access to specific areas and record types.
Permissions and access
Permissions
Permissions define what users can do to the records they have access to. Here are three key permissions for Group, Individual, Policy, Agent, and Carrier records.
| Permission | Description |
|---|---|
| Visible | Allows users to see records and data of the record type throughout AMS+. This includes tables, lists, searches, reports, and more. |
| Edit | Allows users to make changes to records and data of the record type. |
| Delete | Allows users to delete records and data of the record type. |
Different combinations of permissions allow users to do different things. To view records and data of a record type, users only need the Visible permission. However, to edit or delete, users need a combination of the above permissions.
Keep this in mind if you want your users to be able to modify associations and shared data between multiple records. See the examples below.
Example 1: The user has the Visible and Edit permissions for Individual and Policy records. Thus, the user has the option to modify the Individual-Policy association.
Example 2: The user has Visible and Edit permissions for Individual records but not Policies. Thus, the user doesn't have the option to modify the Individual-Policy association.
Access
Access allows you to more precisely manage Group, Individual, Policy, and Agent records that your users can view. Many agencies limit access for certain users, such as agents/producers, to only their books of business. Learn more.
Commissions+ permissions
If your agency has the Commissions+ add-on, it's important to set both commission access levels and commission-specific permissions correctly in each Security Group, so your users can process and manage commissions in AMS+.
Commission access settings
There are two access settings related to commissions:
- All Commission Permissions
- Limited to Commission Settings, Policy Commission Details, and Policy Commission Payees
These access settings control which commission features are visible in the system. However, even if a Security Group is set to All Commission Permissions, users will still need additional permissions to take action.
Required permissions for commission features
Users must also be granted specific permissions to perform tasks related to commissions:
- Visible (Full Commission Viewing): Allows users to view all commission data.
- Edit (Full Commission Editing): Allows users to add and update commission entries.
- Purge Commission Entries: Allows users to delete commission data by Agent Statement Date from the Date Utilities page or by import from the Commission History page.
- Lock/Unlock Commission Entries: Allows users to lock or unlock Agent Statement Dates and the commission entries associated with them. This is required for agents to view their statements.
- Manage Agent Adjustments: Enables users to issue one-time payments using agent adjustments.
Important: If you assign the All Commission Permissions access level, make sure you enable the required permissions listed above. Otherwise, your users may not be able to view, edit, or manage any commission data, even though it appears they have full access.
Access and permissions for Engage+ Content Marketing
If your agency has the Engage+ Content Marketing add-on, it’s important to review and enable the Engage+ Content Library and Social Media permissions. The former allows users to access blog posts, email newsletters, and DIY content in the Engage+ Content Library while the latter grants access to social media management features. For more details, see this article.
Legacy components
The following content applies only to accounts with legacy features that may no longer be present in your account. If you're unsure whether this applies to you, check your subscription package on the Subscription page.
Legacy components in this section:
- Sales Enablement permissions — accounts using Sales Records
- Sales Pipeline and Sales Opportunity permissions — accounts using Sales Opportunities
Sales Enablement permissions
The Sales Enablement permissions control access to Phone Dialer, Rx Collect, Texting, Sales Records, Sales Automated Workflows, Sales Mass Emails, and Sales Reporting for accounts using Sales Records. Learn more.
| Areas and records in AMS+ | Agent Statement User | Agent CRM User | Agency User |
|---|---|---|---|
| Sales Enablement (Phone Dialer, Rx Collect, Texting, Sales Records, Sales Automated Workflows, Sales Mass Emails, and Sales Reporting; learn more) | - | Limited | Full |
Sales Pipeline and Sales Opportunity permissions
If the Administer Sales Pipeline permission is enabled, users assigned to the Security Group can create, edit, and delete Sales Pipelines in the account-level settings. Please note that this permission is available for Agency Users only.
The Sales Opportunity permissions affect users' ability to see, add, edit, and delete Sales Opportunity records in AMS+. Access can be limited to records assigned to the user's accessible agents only.
Refer to this article for more on Sales Pipeline-related permissions.