1. Using Oracle CX Commerce Agent Console
  2. Configure Agent Console Settings
  3. Understand role-based access control

Understand role-based access control

Role-based access control affects how the agent works with the Agent Console.

The agent can process orders in two ways:

  • Exclusively in the Agent Console; or
  • On behalf of the shopper in the storefront.

The roles and access rights assigned to the agent determine his or her access to a shopper’s personal data. This access determines if the agent can process an order for a shopper or if the shopper is required to complete the order.

Use roles or access rights or both to provide the agent with access to properties required for placing an order or processing returns. For more information on creating agent roles and access rights, see Implement role-based access control for internal users in Extending Oracle CX Commerce.

Understand roles and access rights

When creating or editing an order, or processing returns for a shopper using the Agent Console, both roles and access rights created for the agent are used to display needed properties.

To create an order, the agent roles and access rights require him or her to have access to the following:

  • Shopper profile information (such as first and last name and email).
  • Shipping and billing addresses.
  • Shipping methods.

If roles or access rights restrict the agent from viewing any of this information, the agent cannot process the order. A shopper may also restrict an agent’s ability to view personal data. In either case, it would be the responsibility of the shopper to complete the order.

Understand roles when shopping as a shopper

Roles and access rights determine the properties the agent can see when working in the Agent Console. However, when the agent shops on behalf of a shopper in the storefront, only agent roles—not access rights—are used. The roles control the agent’s access to a shopper's personal data properties. If you define a property based on access rights, the property is not displayed to the agent on the storefront.

If the shopper does not grant permission for any of this personal data to be viewed, or if the agent role limits the agent from viewing any of this information, the agent is not able to create an order. The shopper would have to complete the order.