Flex Conversations Roles
Flex Conversations use Conversations API roles to manage participant permissions when adding participants to a Conversation or when using the Conversations SDK to connect.
The Role Resource represents what a User (e.g. agent, admin, supervisor) can do within the Conversation Service and individual Conversations. Roles are scoped to either a Service or a Conversation.
Users are assigned a Role at the Service level. This determines what they can do within the Conversation Service instance, such as creating and destroying Conversations within the Service.
Participants are assigned a Role at the Conversation level. This determines what they are able to do within a particular Conversation, such as inviting Participants to be members of the Conversation, posting Messages, and removing other Participants from the Conversation.
Flex creates the Conversation Service and adds the following Service and Conversation Roles during the initial Flex account setup.
Role: admin
Default Permissions:
-
joinConversation
-
deleteConversation
-
addParticipant
-
removeParticipant
-
editConversationAttributes
-
editOwnUserInfo
-
editAnyUserInfo
Role: supervisor
Default Permissions:
-
joinConversation
-
addParticipant
-
removeParticipant
-
editOwnUserInfo
Role: guest [DEFAULT]
Default Permissions:
-
sendMessage
-
sendMediaMessage
Role: agent
Default Permissions:
-
editConversationAttributes
-
sendMessage
-
sendMediaMessage
-
leaveConversation
-
editOwnMessage
-
editOwnMessageAttributes
-
deleteOwnMessage
Role: admin
Default Permissions:
-
editConversationAttributes
-
sendMessage
-
sendMediaMessage
-
leaveConversation
-
editOwnMessage
-
editOwnMessageAttributes
-
deleteOwnMessage
-
editAnyMessage
-
editAnyMessageAttributes
-
deleteAnyMessage
Role: supervisor
Default Permissions:
-
editConversationAttributes
-
sendMessage
-
sendMediaMessage
-
leaveConversation
-
editOwnMessage
-
editOwnMessageAttributes
-
deleteOwnMessage
-
editAnyMessage
-
editAnyMessageAttributes
-
deleteAnyMessage
The first time a worker logs in, Flex creates a corresponding Conversation User.
-
For workers authenticating through the Twilio Console, the corresponding Flex Conversation Service User will be created with the admin role.
-
For workers authenticating via a third-party IdP (identity provider), Flex creates a corresponding Conversation Service User according to their
SSO role
: agent, supervisor, or admin.
Once a worker logs in successfully, the Flex UI initializes the Conversations SDK with a token that includes the grants:
-
The token includes Flex Roles grants based on the user role (
agent/supervisor/admin
) that is set in the IdP.
-
The Conversation User
Service Role
is updated (in the Conversations Users database) based on the Flex Role grants (an agent can be promoted to a supervisor, or vice versa).
-
Regardless of what role you have as a Flex user, Flex Conversations uses the default configured role —
guest
— when adding the user to a Conversation or Chat Task.
-
Conversations limits
also apply to Flex Conversations limits.