Identify unused roles and permissions

Prerequisites
  • Authorization > Role > Edit permission to remove a permission from a role
  • Authorization > Role > View permission to view the permissions on a role
  • Authorization > Grant > Delete permission to remove a permission from a user

Administrators can identify unused roles that are assigned to users and unused permissions on a role. Genesys Cloud identifies the unused roles and permissions based on the usage patterns of users in the last 30 days. Administrators can remove them to reduce the security risks.

Note: Genesys Cloud does not identify unused roles and permissions in real time. The Unused columns update every 48 hours.

Identify and remove unused roles for a user

A check mark in the Unused column indicates that the user has not used this role in Genesys Cloud in the last 30 days.

  1. Click Admin.
  2. Under People & Permissions, click People.
  3. Find the user that you want to view.
  4. Click More and from the menu that appears, click Edit Person.

    In the Roles tab, the Unused column displays the check mark for the roles that are unused.

  5. To remove the unused role from the user, turn off the toggle in the Assigned column.

Identify and remove unused permissions for a role

A check mark in the Unused column indicates that none of the users with the role assigned have required this permission in Genesys Cloud in the last 30 days.

  1. Click Admin.
  2. Under People & Permissions, click Roles/Permissions.
  3. Find the role that you want to view.
  4. Click More and from the menu that appears, click Edit Role.
  5. Click the Permissions tab. The Unused column displays the check mark for the permissions that are unused.
  6. (Optional) To display only the permissions assigned for the role, click Assigned Permissions.
  7. To remove the unused permission from the role, clear the check box next to the permission.