Admin & Governance

Roles, Permissions &

Audit Trails.

Granular RBAC, separation of duties, automated offboarding via SCIM, and a complete audit trail of every action in your My AI Front Desk account.

Request Enterprise Plan Details

Role & Permission Matrix

Four built-in roles with granular permissions. Each role controls what a user can view, listen to, export, edit, and manage.

Permission	IT Admin	Supervisor	Analyst	Agent
View call logs / metadata	Yes	Yes	Yes	Yes
View transcripts	Yes	Yes	Yes	No
Listen to recordings	Yes	Yes	No	No
Download / export recordings	Yes	No	No	No
Delete call records	Yes	No	No	No
Change recording settings	Yes	No	No	No
Edit knowledge base / AI scripts	Yes	Yes	No	No
Manage integrations (CRM, webhooks)	Yes	No	No	No
Change retention settings	Yes	No	No	No
Manage users / assign roles	Yes	No	No	No
Change routing / transfer rules	Yes	Yes	No	No
View analytics dashboard	Yes	Yes	Yes	No
Export audit logs	Yes	No	No	No

Separation of Duties Examples

IT Admin vs Supervisor

IT Admin manages integrations, retention, recording settings, and user roles. Supervisor manages knowledge base, routing rules, and reviews call transcripts. Neither role overlaps unnecessarily.

Supervisor vs Analyst

Supervisor can view transcripts and listen to recordings. Analyst can view call metadata and analytics but cannot access transcript text or audio. This supports audit-compliant access control.

Agent (Read-Only)

Agents see their own call logs and metadata. They cannot view transcripts, listen to recordings, or modify any system settings.

Offboarding a User

When a user is removed from your identity provider (via SCIM), their My AI Front Desk access is revoked immediately. No manual deactivation needed.

How Offboarding Works

1

User removed from IdP

When you remove a user from Okta, Azure AD, or your SCIM-connected identity provider...

2

SCIM deprovisioning

SCIM sends a deprovisioning event to My AI Front Desk within seconds.

3

Access revoked

User loses all access immediately. Active sessions are terminated.

4

Audit logged

The deprovisioning event is logged in audit logs with timestamp and admin context.

Sample Audit Log Events

2024-03-10 09:15:22 login user: admin@company.com logged in via Okta SSO

2024-03-10 09:20:01 transcript_view user: supervisor@company.com viewed transcript for call_xyz789

2024-03-10 10:05:30 recording_download user: admin@company.com exported recording for call_xyz789

2024-03-10 11:30:15 knowledge_base_edit user: supervisor@company.com updated FAQ: pricing section

2024-03-10 14:00:44 retention_policy_change user: admin@company.com set audio retention to 60 days

2024-03-10 16:22:10 user_deprovisioned SCIM: removed former.employee@company.com — all access revoked

2024-03-10 16:22:11 session_terminated Active session for former.employee@company.com terminated

Frequently Asked Questions

Can a supervisor see transcripts but not change routing?

Yes. Supervisor role has read access to transcripts and can edit knowledge base, but cannot change integrations, retention, or user roles.

Can an analyst see call data without hearing recordings?

Yes. Analyst role can view call metadata and analytics but cannot access transcript text or play/download audio.

What events are captured in audit logs?

Login, transcript views, recording plays, recording downloads, knowledge base edits, retention policy changes, role changes, and user provisioning/deprovisioning.

Can we export audit logs?

Yes. Audit logs can be exported via dashboard and API. SIEM streaming available on enterprise plans.

How does user offboarding work?

When removed from your identity provider via SCIM, the user's access is revoked immediately and active sessions are terminated. The event is audit-logged.

Is My AI Front Desk visitor kiosk software?

No. My AI Front Desk is an AI phone receptionist, not a visitor management or kiosk system.

READY TO
EVALUATE?

Request the enterprise governance pack or schedule a call with our security team.

Get Started Free Contact Sales