In this article, you'll discover how habilitations work, and the best practices we recommend you put in place to ensure your experience with Kls goes as smoothly as possible.
Contents |
1. Introduction to how habilitations work
Be authorised to use Kls Desk means that you have access to one of the Desk's applications via a client financial institution.
It is possible to be authorized on behalf of several institutions; in this case, when the user logs on, he or she can choose his or her environment according to the entries proposed.
Access is defined by the fact of having one's email address entered as a contact on behalf of a financial institution. Every user of an application, whether a customer or not, therefore has authorization.
However, there is a difference in access management for users of a client financial institution (having subscribed to a Desk license) and those of a non-client financial institution (simply invited): The “Habilitations” page.
If you are a user of the Desk on behalf of a non-client financial institution, access is managed reactively and only by invitation from a client financial institution, on a per-file basis.
On the other hand, a client financial institution can proactively manage its employees' authorizations via a dedicated page.
The “Habilitations” page allows you to:
- Manage your organization chart;
- Add or archive users on behalf of your facility;
- Assign personalized roles and rights to each user.
The authorization phase is discussed with your Kls contact during the Onboarding phase.
It will then be your responsibility to ensure continuity and sustainability by regularly adjusting the list of your collaborators-users.
2. Desk Kls: roles
- Team leader:
This role is frequently given to team managers or people with responsibility for managing tool/software authorizations on behalf of employees.
It gives the right to access the “Habilitations” page, to create teams in the organization chart and to manage accesses (create/manage new users or archive existing users).
By capillarity, a Team Manager sees and has access to operations created and managed by users in his or her team and in lower-level teams. If a Team Leader is added to a team, he or she automatically gains view and access to the operations of users present in that team, as well as users in related lower-level teams.
A Team Leader empowered at root team level (see below) will therefore have full visibility of all existing operations on the Kls Desk.
The Team Leader will also have the task of regularly consulting the guests team in order to perpetuate the access or otherwise of users who have been invited on behalf of your establishment by other entities.
- User:
The “User” role is a simple user. You become a user as soon as you are entered as a contact within a facility.
It has no specific capabilities beyond the rights assigned to it (see rights below), and will only be able to view things it has created (if it has the right to do so) or to which it has been specifically invited by a peer.
3. Habilitations management
This page is only accessible if you have the “Team Leader” role (see above). It enables you to manage the users who have access to your entity's Kls space, as well as the teams and rights of each user.
1. Basic teams :
When you first log on to the Kls Desk as a customer, you'll be presented with an organization chart comprising two teams: the root team and the guest team.
- The root team
The root team is at the top of the organization chart. It's from here that the other teams can be created. Once onboarding has been completed, the root team should contain only the highest hierarchical managers.
- The guest team
The guest team contains the list of users who have been entered as contacts on behalf of your company for operations on Kls, but who do not exist in your current organization chart.
This team is therefore “separate”, and contains users awaiting management (= archiving or redirection to the right place in the organization chart by a team manager).
Users in this guest team only have access to the operation(s) for which they have been registered. They see nothing else, and can take no action except on these operation(s).
This guest team enables other Kls client establishments to invite an employee from your establishment who has not yet been authorized, thus avoiding blocking the operation manager while awaiting authorization.
Indeed, some financial establishments start their authorizations with the users who will be creating operations.
However, the contacts responsible for monitoring an operation, for which their institution is the lender, are sometimes different.
Apart from these two teams, it's up to the team leaders to create and design the organization chart to suit their needs.
2. Creating a team :
When creating a new team, the team leader has two options: on the same level as an existing team, or below an existing team.
By hovering the mouse over an existing team, you can choose where to place the new team, thanks to the (+) symbol that appears (in this case, below or next to it).
![[Desk] Habilitation - Création dune sous-équipe(EN)](https://www.kls-desk.com/hs-fs/hubfs/%5BDesk%5D%20Habilitation%20-%20Cr%C3%A9ation%20dune%20sous-%C3%A9quipe(EN)%20.gif?width=688&height=325&name=%5BDesk%5D%20Habilitation%20-%20Cr%C3%A9ation%20dune%20sous-%C3%A9quipe(EN)%20.gif)
When teams are on the same level, there is no link between them. This creates a veritable Chinese wall between two teams, as user activity on one team will be completely invisible to the other.
Conversely, when a team is created below an existing one, it will be possible to implement the principle of capillarity, which will enable the “higher” teams to see the activity carried out by the collaborators of the “lower” team.
The capillarity principle is valid ONLY for users with the role of team leader.
A “simple user” only has access to the operations he creates and those to which he is invited.
In this way, the manager of a group of collaborators divided into several different teams can maintain a global view of the activity of his teams, without one of his teams being able to see the activity of the others.
3. Creating (or modifying) a user
Only a user with the Team Leader role can add/modify a user.
He/she will be able to act only on the team in which he/she is empowered, as well as on all subordinate teams. The Team Manager will not be able to take action on an employee or a team that does not correspond to his/her field of action.
To create a new user, simply go to the authorizations page, click on the team to which the employee will be assigned and click on “Add a member”.
Then simply enter the contact's email address, skill markets, role and future rights.
After validation, a new line will appear in the list of team users, with the collaborator's email address and the words “Account creating”. This indicates that the added user has received an email from Kls to finalize his/her account (create password & complete information). Once the profile has been completed, the message will disappear.
Once created, the user's rights can be modified, and he or she can be moved to another team at any time by a competent Team Manager. ![[Desk] Habilitation - Création dun utilisateur(EN)](https://www.kls-desk.com/hs-fs/hubfs/%5BDesk%5D%20Habilitation%20-%20Cr%C3%A9ation%20dun%20utilisateur(EN).gif?width=688&height=325&name=%5BDesk%5D%20Habilitation%20-%20Cr%C3%A9ation%20dun%20utilisateur(EN).gif)
4. Explanation of rights and markets
When a user is authorized, it is possible to customize his or her rights and scope of authority.
- Markets
The markets assigned to a user will be of primary importance when his or her establishment is invited to an operation via the Kls Desk.
When a user invites your establishment to the Kls Desk, a list of your authorized contacts will be proposed -> this is your contact book.
The order in which these contacts appear will be determined by their relevance to the market of the operation selected by the creator.
For example, if the operation is defined as being linked to the “Business” market, then all users authorized to work with the “Business” market will appear first in your list of contacts.
- Creation rights and roles
As Kls is a multi-application software publisher, when you become a customer, you may have several uses for our software, depending on your subscriptions
In order to be able to segment your use cases, but also the levels of responsibility of your collaborators, you can assign creation rights by Desk application, i.e. : Debt Syndication, Debt Tracking and Debt Eligibility.
It will also be possible to define whether the user has a team management role, in other words, the ability to manage a team's access and benefit from the principle of capillarity. (see above)
5. Archiving and access management
A Team Leader will always be able to modify the rights and information of users under his or her management, as well as changing them to another team.
He/she can also archive a user, which has the effect of instantly deactivating the user's access. The user loses access to all operations and invitations to which he or she was a member. Archiving is reversible!
To archive a user, simply open the team containing him/her, identify the user's line and click on “Actions” on the far right. The “Archive” item will be available in the drop-down list. The user will be grayed out, indicating deactivation.
To unarchive, follow the same procedure and click on “Unarchive”.