The Account Access feature provides organizations with granular control over when the Watermark support team can access user accounts. This functionality improves security and transparency by requiring explicit, time-bound permission from the user.
Note: All actions performed during an active support session are logged for auditing purposes.
Organizational Settings
Administrators manage the availability of this feature at the system level.
- Root administrators can enable or disable the Account Access feature via the System Preferences menu under Settings > Configuration Settings.
- Access Restriction: Non-root administrators cannot modify the organization-level Support Access settings.
- Default Behavior: By default, this toggle will be ON for all existing organizations and any new organization created in the future.
Managing Individual User Access
Users can manage their personal support permissions within the "Account Settings" card on their profile:
- Click the "Grant Access" button to begin the authorization process.
Define the temporary access window in the resulting flyout menu:
- Start Time and Date: Defaults to the current date and time.
- Access Duration: Choose a duration of 24 hours, 48 hours, or 72 hours.
- Verify the active status on your profile. The system will display the exact date and time the access will automatically expire.
- Revoke access at any time by clicking "Remove Access Now" to immediately end the support session.
Support Workflow Requirements
For a support user to access an account, two conditions must be met:
- The organization-level configuration must be toggled "On".
- The specific user must have an active "Grant Access" window enabled.