Operator GuidesSettings & RBAC

Settings & RBAC

Settings is where the platform is configured. What you see depends on your role.

Roles

PlaylogiQ ships five system roles, from most to least privileged:

RoleScope & typical use
super_adminPlatform Owner. Cross-tenant; manages everything, incl. brands, API keys, and integrations.
tenant_adminAdministers one tenant: users, most settings, all brands of the tenant.
campaign_managerRuns engagement: segments, campaigns, journeys, templates, tasks, exports.
analystRead-only across much of the surface (analytics, players, team).
viewerMinimal read access (players, campaigns, analytics).

Permissions are granular (e.g. players:write, segments:export, api_keys:manage) and can be assigned per brand, plus per-user grant/revoke overrides. See RBAC & permissions for the model.

Settings areas

  • Users — invite, edit, and remove users; assign roles (per brand).
  • Roles — manage system and custom roles, scoped per brand.
  • Brands — create/edit/deactivate brands (skins). Managing brands is a Platform-Owner concern. When creating a brand you choose the tenant it belongs to.
  • Custom fields — define operator-specific player fields (Platform Owner).
  • Integrations — API keys and the PAM mapping (Platform Owner, Tier 2). See PAM Integration.
  • Webhooks — outbound signed callbacks (Platform Owner). See Outbound webhooks.
  • Alerts — operator alerts and custom alert rules over metrics, with email notification.
  • Automation — task-automation rules (trigger CRM tasks from conditions).
  • Lifecycle — tune lifecycle/VIP thresholds.
  • Scheduled reports — recurring KPI digest emails with PDF charts.
  • Messaging — frequency-cap and suppression guardrails.
  • Custom fields — define operator-specific player fields (Platform Owner).
  • Audit log — who did what across the brand.
  • Account — your own profile and preferences.

Beyond Settings, the Platform Owner has a cross-tenant Platform console (/platform, incl. tenant management) — see Tenants & brands.

Tiers

The most sensitive areas — API keys, webhooks, integrations, and brand management — are Tier 2 and restricted to the Platform Owner by default. A tenant admin can be granted a Tier-2 capability only via an explicit per-user override.

The Platform Owner

The super_admin is the Platform Owner: cross-tenant by design. They see and operate every brand across every tenant through the normal (RLS-scoped) app — switching the active brand, or viewing an “All brands” aggregate — without any separate admin surface. This is enforced consistently in the database, not just the UI. See RBAC & permissions.