Skip to main content

Firm Portal User Permissions

Christa Mason
Updated

Summary

When it comes to accessing the firm portal and the permissions granted to firm portal users, there are a few main concepts that are important to keep in mind:

  1. Access to the Aiwyn firm portal is through a staff person's Single Sign On (SSO) User, no additional user/password is created, rather the firm user's existing credentials must be used.
  2. Your IT Admin has limited who from your firm staff SSO Users can access your Aiwyn Firm Portal to just those your Main Point(s) of Contact have indicated need that access, covered during Implementation.
  3. Multiple User Permission settings groups are possible and not usually necessary unless your firm has more than one Firm Portal module, such as Engagement Letters or Billing alongside the foundational Payments & Collections.
  4. Access is web-based, and a specific Firm Portal URL is provided to your firm during your initial implementation (via Payments & Collections implementation tasks).
  5. Staff granted access by your IT Admin then access the Firm Portal URL where they have access to the Firm Portal. Unless otherwise adjusted, all Firm Portal Users have Default User Permissions applied. 
  6. Only one User Permission Settings Group may be applied to a given User at a time.
  7. Only Aiwyn Implementation and/or Support teams may adjust a given Firm User's permissions settings group from the default group to a different firm-defined user group.
  8. The Default User Permission Group applies to all firm staff by default unless their profile's permissions group has been adjusted by Aiwyn to a different User Permission Group. 

Included in this article:

Limiting Access to the Firm Portal

SSO Image.png

Access to your firm's Aiwyn Firm Portal is granted to staff through their SSO User.

When your Aiwyn system is getting set up, we help you communicate to your IT administrator (involved with Aiwyn Implementation) the names of staff members of your firm to whom access to the Aiwyn application should be granted. 

 

The first line of defense for access to your Aiwyn Firm Portal is first and foremost through their SSO User being enabled to access Aiwyn in your SSO management environment (Azure, Duo, Okta, etc).

 

The Main Points of Contact involved in the implementation of Aiwyn Payments & Collections provide the names of just those staff who have a need to be in the Aiwyn Firm Portal to your IT Admin.

It is not, and should not, be everyone at your firm that is granted access to the firm portal.

 

Who should have access to the Aiwyn Firm Portal?

If you have our foundational Payments & Collections, and no other modules such as Engagement Letters or Billing, then chances are the list of staff with access to the firm portal will be rather small.

Most firms on Payments & Collections exclusively only need a few people who are allowed to do things such as take a payment on behalf of a client, reduce/remove credit card processing fees when taking client credit card payments, see and send staged Smart Statements (if you're not automated yet), and make refunds to payments made through Aiwyn.

Firms with additional module(s) will require additional structure to create multiple permissions groups. The creation, adjustment, and ongoing management of these firm portal user permissions groups is done exclusively by Aiwyn (Implementation or Support).

 

How to Grant Access to Firm Portal

During Implementation

Provide your IT Admin with the first/last name of the firm staff whom you would like to have access to the Aiwyn Firm Portal. Once granted (and your system has been deployed by Aiwyn), the user can access the Firm Portal by going to your Firm Portal URL.

Ensure staff email addresses are located in the respective field of the staff profile located in the Practice Management System. 

 

Ongoing 

  1. Inform your IT Admin that a staff person needs to have their SSO User enabled to access the Aiwyn application (similar to how your user is)
  2. Once granted by IT, provide that user with your Aiwyn Firm Portal URL
  3. When they go to the Firm Portal URL they will enter their SSO User user/password credentials, the same exact details they use to log into software at your firm such as Microsoft Teams or Outlook.
  4. Unless otherwise noted by your firm to have adjusted by Aiwyn, the user will have the Default User Permissions automatically applied.

All firm staff with a staff profile in your Practice Management System could potentially log into your Aiwyn Firm Portal.

If they have the Aiwyn application granted to their SSO user by your IT admin, and their email address is the same email in their staff profile located in the Practice Management System, then when they access the Aiwyn Firm Portal URL, they will access the firm portal with whatever User Permission Group applied to their User.

 

Default User Permissions

Unless manually changed by Aiwyn at your firm's request for a given staff person, the default permissions for your system are automatically applied to a Firm Portal user. 

For Payments & Collections, there is usually no need for multiple user permissions groups.

For just the foundational Payments & Collections product, the single default permissions group is sufficient for all users of your Aiwyn Firm Portal (e.g. those staff granted access to Aiwyn application in your SSO). Consider all existing and possible future users of the firm portal as having the default settings (again, unless otherwise noted and needed due to additional Aiwyn products).

By default and unless otherwise adjusted (if possible and necessary) by Aiwyn, the following permissions are granted to all users of your Firm Portal via the Default User Permissions:

  • Can see all Clients in Firm Portal Tab
    • Can see Client and Contact details
    • Can access any Client Portal
  • Can see all Invoices in Firm Portal Tab
    • Can access any Client Portal in order to pay invoice(s)
    • Can see PDF of Invoices if invoice sent through firm's Aiwyn Invoice Email process
  • Can see all Payments in Firm Portal Tab
    • Can refund Aiwyn payments
    • Can see Aiwyn and Firm Wide payment history for Clients
    • Can create/edit any Client payment plan (autopay or recurring payment)
  • Can see all Collections in Firm Portal Tab
    • Can send or skip any Client Smart Statement staged for review
    • Can enable/disable any Client from receiving Aiwyn Smart Statements
  • Can see Settings in Firm Portal Tab
    • Can create/edit/delete any Collection Setting for entire Firm Portal
      • Can enable Automated Daily Collections
      • Can edit Collection Message Contents
      • Can create/edit/delete Collection Triggers

User Permission Settings Group

Note: Unless your firm uses additional Aiwyn modules beyond Payments & Collections, such as Engagement Letters or Billing, we will not typically need to create additional user groups besides the existing default user permission group, nor will we have need to adjust for you what permissions are disabled for the default permission group.

Therefore, if you are not subscribed to those other modules, you will not need to continue reading further as the remainder of this article below focuses on additional permission settings groups necessary for firms using Engagements and/or Billing in addition to Payments & Collections

The Default User Permissions outlined above can be adjusted, to an extent, based on additional modules, and your firm's needs. Additional User Permissions Groups can be created if needed, please consult with your Implementation Manager if you feel the need to have additional layers of permissions beyond what has been described.

All firm staff with a staff profile in your Practice Management System could potentially log into your Aiwyn Firm Portal. If they have the Aiwyn application granted to their SSO user by your IT admin, then when they access your Aiwyn Firm Portal URL (which you should provide to them when ready), they will access the firm portal with whatever User Permission Group applied to their User.

The Default User Permission Group applies to all firm staff by default unless their profile's permissions group has been adjusted.

In order to adjust a staff's assigned User Group (and thus their permissions), request this from Aiwyn Support or Implementation, as only Aiwyn Implementation and Support can adjust the applied permissions group for a particular user beyond what is granted by default.

Only one permissions group can be applied to a user.

 

Suggested Engagements User Permissions Groups

Implementation Considerations Outlined below is an example of the User Groups created and permissions therein for a firm with Aiwyn's Engagement Letters and Payments & Collections modules enabled.

It is for demonstration purposes only and additional User Permission Groups can be created beyond what is demonstrated based on your firm's unique needs.

During the implementation of Engagements, you receive specific direction from your Implementation Manager regarding your firm's new User Permissions with User Group recommendations provided, and a User Permissions table to document your changes based on your preferences is shared inside your Engagements Implementation Plan.

 

In theory, with the addition of Engagements to existing Payments & Collections, the most number of possible users of your Aiwyn Firm Portal will fall into an "Engagement User" category.

By making your Default User Group equal that of an "Engagement User", you will have less staff requiring permission adjustments by Aiwyn in the future.

Of course, if you require some staff to do certain things but not others, that can also be adjusted by adding another User Group, or editing permissions of existing ones. 

During Implementation of Engagements, one of your firm's tasks is to develop the User Groups necessary for your firm, with the help of your Implementation Manager. They will help you build all User Groups. 

For example, you may want some staff enabled to create Engagement Letter Templates, but maybe you do not want them able to delete Client Engagements - with certain settings turned on and others turned off - and more groups created, a new set of permissions is developed and users can then be assigned.

A User Group and Permissions Settings table is generated for your firm and located in your firm's Engagements Implementation Plan.

Here is a snapshot of suggested settings and User Groups for a firm with Engagements and Payments & Collections:

FIrm User Permissions-Settings for Groups.png

 

Firm User Permissions-Key-Image.png

 

 

Related articles