I need some suggestions on setting some limited permissions as an admin for our Help Center.
We are about to create a new Account Role "Help Center" and without giving too much access or worrying about FERPA violations, has anyone gone through setting something like this up?
I was just curious on which Permissions were decided upon and why.
I had asked Canvas Support if any permissions were tied together so that if you turned one permission one, make sure you turn this one on too. They said that wasn't the case.
Thank you kindly for the help.
There are a lot of permissions that are tied together, or at least combinations that are needed to do the job. For example, in order to see a student's SIS ID, they'd need to both "See the list of users" as well as "Read SIS data".
Our help desk is very limited in what they're asked to do. Usually they'll check if someone has an account in Canvas (so "See users" and "Read SIS data"), or if a course exists ("view the list of courses"), and on occasion will help add someone to an orientation course (Add/remove teachers, add/remove students), and that's it. If the issue is bigger than that, then they just collect info and then the issue goes to Tier 1 Canvas Support (paid service from Instructure) or the Canvas Admin (me). We also have a team of instructional designers to help the faculty with building the courses, which requires far more permissions.
I would agree. We do very limited permissions. We don't allow users to reset their password and so our help desk can modify login details so they can correct a password. This usually only happens if something went wrong in our nightly upload or sometimes for new employees whose account gets created with incorrect info and the upload doesn't always correct these. I recommend that you start with the minimum you think they will do. It is much easier to add permissions later than take them away after you deal with the repercussions of something that went wrong.