Role-Based Access Control for Hub Notifications is Here!

May 22, 2023

One of the most requested enhancements for Hub Services has just become generally available!

As a powerful tool for communication and collaboration, Hub Services continues to evolve and improve. With the latest update, super admins can now define and restrict the target audiences that admins can send notifications to. By granting admins full or custom access to specific groups and target audience types, limited permissions ensure that communication is only sent to relevant groups. This enables admins to effectively communicate with their team and region, while also providing super admins with the ability to manage permissions accordingly.

Why is this important? You’re now able to delegate the task of sending notifications out to others within your organization. HR, Events Planning, Geographic-specific administrators, Platform-specific administrators. With this new feature, they can now breathe a sigh of relief knowing they won't accidentally send notifications to people who shouldn't be receiving them. It's all about keeping things secure and under control.

Does this sound interesting to you? If so, read on and let’s take a peek at how this works in the Hub Services Console!

Configuring the new Admin Role

You may recall from our 5 Quick Wins for Workspace ONE Hub Services blog that we can create an admin role to scope permissions so that an admin can only create notifications – but what if you want to go a step further and limit their target audience? Simple! There’s now a “Target Audience Permissions” column from within the Admin Roles tab in Hub Services Console.

A screenshot of a computer</p>
<p>Description automatically generated with medium confidence
Figure 1: Selecting the Admin Roles configuration and highlighting the new Target Audience Permissions column

After you click Edit on the Admin Role, you’re presented with your normal scoping options for what actions this role should be allowed – but you’ll also see the new option for Change Target Audience – click Edit to narrow the scope of users, devices, platforms, or smart groups that they’re allowed to send notifications to.

A screenshot of a group</p>
<p>Description automatically generated with low confidence
Figure 2: Modifying the target audience properties for an existing Admin Role

From here, you can choose to turn access on or off for an entire audience type (User Group, Org Group, Smart Group or Platform) – or customize it to a specific audience. In my example below, I’m scoping this permission to a specific set of Smart Groups.

A screenshot of a computer</p>
<p>Description automatically generated with medium confidence
Figure 3: Scoping Admin Roles to various combinations of User Groups, Org Groups, Smart Groups, or entire Platforms, which can have Full Access, Custom Access (as above), or Access disabled

Once you’re happy with your changes, click Done, and the role will be updated. The next time a user matching this role attempts to create a Notification, they will be constrained by the Target Audience definition you’ve set up for this role. Easy and makes your Marketing, HR, Communications, or Business-Unit-specific teams feel confident that they will be sending to the correct audiences.

If you are interested in learning more about Hub Services, you can find information on VMware Docs.

What's your game plan for making the most of this in your Digital Workspace?

Filter Tags

Horizon Horizon Horizon Cloud Service Blog Announcement Overview