Overview: Profiles, permission sets, and property access
The content of this page is specific to the Delphi product type. If you are using the Delphi Core product type, click here to access the Delphi Core-specific online help.
New user creation involves a corporate administrator assigning users the appropriate level of access so they can complete their daily tasks. What users can do in the system is controlled by profiles and permission sets. An administrator can then indicate which properties the user can access and what they can do with the records at those properties.
The Automated Process user is a system-generated user designed to carry out automatic background processing tasks. This user is listed in the Created By or Last Modified By fields under System Information for records that are created or modified automatically by the system.
Profiles
Each user in the system is assigned a profile. The profiles control which areas your users can access and what they can do in the application.
When a corporate administrator creates a new user, the User License field determines which profiles are available. The following standard profiles are included:
An Event Only version of each profile is also available for properties that do not sell guestrooms.
| Profile |
Description |
User license |
|---|---|---|
| Delphi Core Property Administrator | This profile has access to property-specific configuration settings, such as guestrooms, function rooms, menus, taxes, and document templates. They can assign property access and default properties to users. This profile is specific to the Delphi Core product type. |
Salesforce Platform |
| Delphi Core User | This profile is for users who need to work with accounts, contacts, inquiries, bookings, guestrooms, events, and volume contracts. This profile is specific to the Delphi Core product type. |
Salesforce Platform |
| Delphi Core Corporate Administrator | This profile has access to all records at all properties and all areas of the application. Tasks such as entering corporate setup values, modifying page layouts, and creating users are performed by the corporate administrator. This profile is specific to the Delphi Core product type. |
Salesforce |
| Sales and Catering Property Administrator | This profile has access to property-specific configuration settings, such as guestrooms, function rooms, menus, taxes, and document templates. They can assign property access and default properties to users. | Salesforce Platform |
| Sales and Catering User | This profile is for users who need to work with accounts, contacts, inquiries, bookings, guestrooms, events, and volume contracts. | Salesforce Platform |
| Sales and Catering View Only User | This profile is for users who only need to view and run reports. Users cannot create, edit, or delete any records. Users cannot merge or batch merge. Users with this profile must still be assigned Edit Owned Records or Edit All Records access at a property in order to view that property's records. Banquet user access If your banquet team needs limited access, for example, to enter actuals or batch print BEOs, assign them the View Only user profile. You also need to assign the users the Banquet Access permission set. This lets the users work with events while continuing to have view only access to the rest of the system. Banquet users with Edit Owned Records access need to be sourced on individual bookings to modify events and merge or batch merge. To avoid sourcing, assign your banquet users Edit All Records access. This allows them to work with events on all bookings at the property. |
Salesforce Platform |
| Sales and Catering Corporate Administrator | This profile has access to all records at all properties and all areas of the application. Tasks such as entering corporate setup values, modifying page layouts, and creating users are performed by the corporate administrator. | Salesforce |
The following table provides a summary of what each profile can do in the application. Some of these tasks require that the profile is assigned the corresponding permission set. The users' property access level determines what they can do with those property’s records.
|
Corporate administrator |
Property administrator |
User - Edit All Records property access |
User - Edit Owned Records property access |
View Only user* |
|
|---|---|---|---|---|---|
| View records | Yes | Yes | Yes | Yes | Yes |
| Create records | Yes | Yes | Yes | Yes | No |
| Modify records | Yes | Yes | Yes | Only records they own or are sourced on | No |
| Delete records | Yes | Only records they own | Only records they own | Only records they own | No |
| Merge documents | Yes | Yes | Yes | Only records they own or are sourced on | No |
| Batch merge | Yes | Yes | Yes | Only records they own or are sourced on | No |
| Run reports | Yes | Yes | Yes | Yes | Yes |
| Manage users | Yes | Can assign access to properties where they have Edit All Records permissions | No | No | No |
| Define setup values | Yes | Yes - for property | No | No | No |
| Edit page layouts | Yes | No | No | No | No |
*The function of the View Only profile can be extended with the Banquet Access permission set.
Permission sets
A permission set further defines the level of access in a user's profile. Each user needs to be assigned the permission set that corresponds with the user's profile.
Additional permission sets are available that extend a user's access without a profile change.
- Enable Multi-Factor Authentication - When logging in, users are required to prove their identity using the Salesforce Authenticator app on a mobile device. See Activate MFA. If you have single sign-on or My Domain, follow the steps in Salesforce Help instead of using this permission set. Start with the Salesforce Multi-Factor Authentication FAQ knowledge article.
- Alternate Language - Alternate language permission sets control which language fields you can see throughout the system. For example, when the French permission set is added, the user sees fields for BEO items in both English and French. These permission sets also control which languages display in merge documents. See Assign alternate language permission sets to users.
- Change Record Owner - This permission set allows users to change the owner of records that they do not own. If you have MeetingBroker integration and more than one person acts as the Default Lead Coordinator (DLC) assign this permission set to all the DLCs.
- Replace Setup Values - The Replace Setup Values function is available to corporate administrators by default. Add this permission set to a property administrator if needed.
- Backdate Bookings Admin - By default, corporate administrators have access to the Enable Backdating Bookings field on the Property page. Add this permission set to property administrators if they need to turn backdating bookings on and off. Amadeus recommends removing this permission set once backdating bookings is complete.
-
Banquet Access -If your banquet team needs limited access, for example, to enter actuals or batch print BEOs, assign them the View Only user profile. You also need to assign the user this permission set. This lets the user work with events while continuing to have view only access to the rest of the system. Banquet users with Edit Owned Records access need to be sourced on individual bookings to modify events and merge or batch merge. To avoid sourcing, assign your banquet users Edit All Records access. This allows them to work with events on all bookings at the property.
The following table details what the Banquet Access permission set allows a View Only user to do:
View only banquet access details Booking details Create, modify, or delete bookings No Merge and batch merge BEOs, banquet checks, booking checks, and other documents Yes Create, modify, or delete room blocks No Event details Create new events No Modify event details Yes Delete events No Add or remove existing menus and items Yes Create impromptu menus and items Yes Add or remove existing choice groups Yes Change choice group selections Yes Create new items for existing choice groups No Package details Add or remove booking packages No Modify package attendance on event-only packages Yes Modify package attendance on packages with guestrooms No Create new package events No Associate existing events to packages Yes Remove events from packages Yes Price menus and items with packages Yes Create, associate, or delete package room blocks No Create, associate, or delete package other income items No Modify price and attendance on package other income items To modify Agreed, Forecasted, and Guaranteed attendance, use the Booking Package Attendance page. Actual attendance can be entered on the Booking Other Income page.
Yes Modify gratuity and admin charge on package other income items Yes Booking other income details Create new other income items No Modify price and attendance values on existing other income items Yes Modify gratuity and admin charge on existing other income items Yes Delete other income items No Banquet users with Edit Owned Records access need to be sourced on individual bookings to modify events and merge. To avoid sourcing, assign your banquet users Edit All Records access at the property. This allows them to work with events on all bookings at the property.
Property access levels
After users are created in the system, they need to be assigned an access level at each property. This access level controls what the users can do with the property's records. See Assign property access, permission sets, and default properties for more information.
Security
When Enable Amadeus Account security is selected on the Amadeus Settings page, here are some things to note when granting property access to users:
-
An account must be shared with a selected property before users at that property can access it. The users' access level at that property controls what they can do with the account.
If Visible to All Properties is selected on the account, all users in the org have account edit permissions regardless of their property access level.
- When Booking/Volume Contract security is enabled, the users' property access level controls how they can interact with inquiries, bookings, and volume contracts.
Contact Amadeus Support before making any changes to your Security settings.
Learn more...
Assign property access, permission sets, and default properties