Documentation
DocumentationDeveloperAcademyCommunitySupportLogin
Start typing to search…

Governing interactions - Best practices

Determine who should have access to all user interactions.

The Interactions table contains all user conversations, which may include sensitive and private information (A user might share their social security number, or ask specific about the doc that only a few people own). Because of this, broad ownership of Interactions is not recommended. Customers must follow the principle of least privileges and the first step is to determine who at their org needs access to all user interactions to get their job done.

Only the people who absolutely require all user conversations , should be given the “Interactions viewer” role. This role can only be given / revoked by Super admins.

Create and share custom views, instead of all data products

If at your org, there are employees who need not have access to the entire table, but partial data. _(Example : Interactions for a specific domain like IT, HR, Finance, or Interactions for specific topic, or interactions for specific plugins), we recommend to create custom views of the dashboards. Custom views are filtered versions of reports that can be saved and shared with users.

For example : You can create a custom view for IT interactions and share it only with IT admins. You might also create a custom view of user interactions belonging to a specific plugin and share it with your Agent studio developer, so that they can identify improvement areas for their plugins.

Follow the principle of least privilege (PoLP)

The principle of least privilege (PoLP) is an information security concept which maintains that a user or entity should only have access to the specific data, resources and applications needed to complete a required task.

Example :

If an analyst needs to report on plugin usage and adoption, they need not require the overall interactions table access, only a custom view of interactions table, that only contains the interaction ID and plugin name. By using these two data columns they shall be able to achieve their job, and hence must only be given access to a custom view built on top of Interactions table containing only these two columns.

If a Knowledge worker only needs to report on best and worst performing content items, they must not be given access to entire Interactions table. Their job can be achieve by two data columns : “Resource name” and “Interaction ID”, using these two data columns they can report on top and worst performing content items and hence must be shared a custom view containing only these two columns, instead of sharing entire Interactions table.

Keep permissions in check

We recommend regularly reviewing shared custom views and revoking access for users who no longer require them. As new conversations accumulate over time, outdated access can unintentionally expose future user interactions. Keeping permissions up to date ensures that only the right people can view sensitive data.

Updated about 1 hour ago