Chapter 2. Your Website Access

Acquiring an Account on the Website

Like all collaborative organizations with a geographically dispersed member base, your organization collaborates primarily through its website, and grants website accounts to its members, its staff, and possibly to nonmembers who are interested in the organization. The exact process for acquiring an account is specific to your organization. The requirements are usually posted in the Public Area of the organization's website, along with a link to membership applications or signup forms.

New Accounts

When the organization receives your request for an account, it sends an email to you explaining the next steps in the process. You should read this email carefully and save it somewhere on your system for future reference. This email usually contains a login link that you need to login to the website for the first time. Select a password before you click this link, because the link can only be used once and you'll need the password when you want to login again. When you click the login link, you'll be taken to a page where you'll see a form that allows you to change your password to the one you've selected for yourself. Some organizations also allow you to change your username.

If your organization has prerequisites for joining, you won't be able to login until these prerequisites are met and your application is approved. On websites where membership is required, your account is only activate during your membership term. This is also true of company memberships — the company's membership must be current for its Company Representatives to be able to log into the site.


If your organization has formal memberships, the renewal process may also require moderator approval that is predicated on the submission of prerequisite documents and payment of membership fees. Be sure to complete the renewal process before your current membership expires to avoid any interruption of your website access privileges.

Back to top

Levels of Access

Kavi Workspace provides different levels of access to Kavi tools and content managed through these tools, because the organization's site and content is viewed and managed by many different types of users. The major division in users is between regular account holders and organization administrators, but there can be multiple smaller divisions within each of these categories.

Access can be based on the types and roles you are assigned according to your current position in the organization, your relationship to the data (e.g., your personal data, your company's data, etc.), and whether you belong to a group or are subscribed to a mailing list. For more information, see the Concepts document on Accessin the Kavi Members help manual.

Basic Account Holder Access

As an account holder, you can login and manage your own account data. You'll have access to User Tools in certain areas of the website, such as those controlled by Kavi Members and Kavi Mailing List Manager.

Additional Access Through Membership

You may be given additional access automatically by the types you are assigned through membership, or types assigned to your company when it acquires membership. These types confer roles that act like keys to role-protected areas, tools and content on the website.

If your organization has different levels of membership, higher-level members may have access to areas that are not accessible to other members.

Groups Access

As an account holder, you may be able to access Groups Areas that are controlled by Kavi Groups. In some organizations you must have a certain level of membership in order to access Kavi Groups. If you see a link to groups, then you have access, so you can click this link then browse to see what groups are available to you.

You may find that you are able to apply directly for membership in some groups, while others are invitation-only. Members of a group enjoy a higher level of access to content managed within the group than others who don't belong to the group.

Within a group your level of access depends on which Group Role you are assigned. These are usually assigned manually by a Group Admin or Group Chair. If the group has balloting, voting privileges may be assigned manually or through your Group Role.

Everyone in the group is automatically subscribed to its mailing list and, in most cases, can post messages to the list. Access to documents and other group content may vary depending on your relationship to the content (e.g., whether you are a submitter or owner).

There can be a parent-child relationship between groups that controls mailing list behavior and access to documents and other content. For more information, see the Kavi Groups help manual.

Mailing List Access

Your organization may host lists that aren't associated with a group. You can see links to these lists on the The My Account Page, which take you to Kavi Mailing List Manager (KMLM) tools so you can view list archives and manage your subscriptions. A mailing list subscriber generally has a higher level of archive access and posting privileges than those who aren't subscribed. To use a mailing list successfully, you have to understand its subscription process and posting rules. For more information, see Managing Your Mailing List Subscriptions and Posting Messages to a Mailing List in the Kavi Mailing List Manager help.

If you are appointed moderator for a mailing list, you are given top-level posting privileges for this list, and the ability to moderate posts that are submitted to the list. See Mailing List Moderation and How to Moderate a Mailing List for more information.

Webpage Editor Access

In a few organizations, members help manage some of the site's Web content. On these sites, a User Type is assigned to designated editors. For more information, see the page help for the Assign Editors tool in the Kavi Edit help manual.

Other Special Access Permissions

These access permissions are tied to a special position that you fulfill within the organization. These positions are usually represented as Contact Types or User Types that are manually assigned to you by company administrators or organization administrators. The type confers whatever roles are needed to fulfill the responsibilities of this position. Most of these types are managed in Kavi Members and can be viewed by Admins by clicking the View Site Access link or by Super Admins through the manage types tools.

Kavi Showcase works a little differently. If you are designated as a Profile Contact you'll have access to the profile and catalog items associated with this profile. This is managed through Kavi Showcase rather than Kavi Members. For more information, see Kavi Showcase Permissions in the Appendix or the documents in the Concepts section of the Kavi Showcase help manual.

Company Administrators

If your organization offers company memberships and you represent your company as a Primary Contact, Company Admin, Alternate Contact or other company administrator, you'll be assigned a Contact Type that confers the 'company_admin' role. This role grants broad access to Company Admin Areas and tools all across Kavi products and component applications.

You'll see a navigation element that links to the My Company page, where you'll find the roster and other Company Admin Tools. You may edit your company's data, and manage users that appear on your Company Roster.

The Primary Contact is commonly given special privileges everywhere that the company can participate in the organization or exercise its benefits. You may be automatically added to certain groups and given privileges beyond those assigned to other representatives from your company, such as being designated as a primary voter. You may be automatically subscribed to certain KMLM lists, and these subscriptions may be required as long as you act as your company's Primary Contact.

Organization Administrators

Several different types of organization administrators are available in Kavi Workspace by default, so your organization may distribute website management responsibilities among a number of specialized administrators, or all administrators may be assigned one of the most privileged administrative types so they can assume broad responsibilities throughout the site.

The Organization Admin is one of the two most privileged types. This is a User Type that confers access to all Admin Areas and Report Areas and tools in all Kavi applications. As an administrator, the Organization Admin can perform tasks that you, as a regular account holder, can't perform for yourself. For example, you may be allowed to change your name through the My Account page, but may not be able to switch to a different company without assistance from the Organization Admin.

The Super Admin is the top-level administrator, and can do everything that the Organization Admin can do, but also configure the website.

There can be other administrators on your website, such as a Showcase Admin who manages Kavi Showcase. If you send an email to administrators, it usually goes to Organization Admins, but in some cases it goes to the administrator in charge of a specific area of the website.

Back to top

How Role-Based Authentication Works

Access to areas of your website that are protected by Kavi® Members is controlled through role-based authentication. In a role-based authentication software system, every user is given one or more roles by being assigned types that correspond to the position the user or their company holds in the organization. Users who hold special positions in the organization, such as users who are designated as their company's Primary Contact, may be assigned more than one type, each type conferring roles that the user needs to perform the duties, and exercise the privileges, of their position. Collectively, these roles are known as your "role cache."

As already mentioned, an account holder has to have the 'member' role in order to login. This is sort of like having the key to the front door of the organization offices. It provides basic access to Member Areas of the website. When a user attempts to login, Kavi Members authenticates the user by making sure the username and password are correct, then the software checks the user's role cache to see if the 'member' role is there. If it is, Kavi Members lets the user into the site. Once a user is logged into the website, Kavi Members checks to see which elements should be displayed on each page, only displaying elements for which the user has the required role, as illustrated by the following graphic.

Figure 2.1. Member Tools Availability by Role

Screenshot of the members-only landing page showing how more tools appear for users with more privileged roles.

When a regular user with limited roles logs in to the members-only area of the web site, they are presented with only a limited set of tools. In contrast, when a user with many roles logs in, they see links to access a variety of powerful tools.

The Organization Admin can view a user's role cache, but a user cannot view this information. By looking at a user's role cache on a well-configured site, the administrator can determine which areas and tools the user can access. For more information, see the Kavi Members help.

Back to top

How Relationships Work

Roles are used to determine whether a user is allowed to login to the website. Once a user is logged in, roles are used to determine which areas of the site the user can access and which elements are displayed on each webpage. But access to Web content and certain page-level elements is determined by whether the user has a relationship to the content. The kinds of relationships that might be established depend on the content.

As mentioned, every account holder owns their own account data and Company Representatives have some relationship to their company data. Kavi Showcase also has a concept of ownership, so that a user can edit their own profile, and users designated as 'Showcase Company Admins' can edit their company's profile. So when you and other organization members are visiting the website, you will see only those links that lead to areas you are allowed to access because of your roles, and in some cases, only the content with which you have a relationship.

Back to top