Role-Based Access

How it works and what is required

Role-Based Access is a feature in Anthology Illuminate Reporting that allows access to compartmentalized reports, ensuring each user accesses only appropriate data based on their role.

Currently, Anthology Illuminate Reporting is targeted towards high-level institutional leadership including Provosts, Heads of distance/online learning, Deans, Student Success Leaders, among others. However, to fully support and facilitate a data-informed decision-making culture, we want to expand support to additional users interested in report content but may only have access to some institution-wide data.

Having a broader deployment of Reporting across your Teaching and Learning management structure will empower each user to make confident decisions, facilitate delegation, feedback, and collaboration across roles, enabling data-informed conversations without the need to export and distribute reports’ data.

To successfully implement Role-Based Access, we recommend:

Adopt Institutional Authentication for Anthology Illuminate. Find out how to set up Institutional Authentication
Set up Institutional Hierarchy:
- On-Demand Webinar: Best Practices for Blackboard Learn Configuration
- Find out how to set up Institutional Hierarchy

Supported Reports

This table will be frequently updated to reflect the supported reports as we release them:

Area	Report	Status
Learning	Student Engagement	Supported
Learning	Student Performance and Grades	Supported
Learning	Social and Collaborative Engagement	Supported
Learning	Student Summary	Supported
Teaching	Instructional Practices	Supported
Teaching	Assessment and Grading	Supported
Teaching	Course Summary	Supported
Leading	Learning Tools Adoption	Work in progress
Leading	Collaboration Session Activity	Work in progress
Leading	Learning Platform Adoption	Work in progress
Leading	Course Administration	Supported

Setting up Role-Based Access in Blackboard Learn (old method)

By following these steps, administrators using Blackboard Learn as the identity provider can grant user permissions to log into reporting and access data only from the nodes they are associated with:

1) Ensure the report is already set to support restricted users. (Check the table of supported reports above).

2) Add the Data - Restricted role to an existing user:

To grant the Data – Restricted role to a user, log into Anthology Illuminate and follow these steps:

In the left panel, go to Settings.
At this point, we recommend having the Institutional Hierarchy (IH) and courses already configured. View how to set IH.
Select the License Management tab and find the users list.
Click on the pencil icon in the Actions column for the user you want to modify.

The image indicates that: 1) the 'Settings' option is selected and highlighted, 2) the 'License Management' tab is selected and highlighted, and 3) the pencil icon is selected and highlighted.

On the Edit User page, navigate to the Report Permissions section and select the Data – Restricted option from the dropdown menu. Then, click Add.

The image shows that the 'Data - Restricted' option is selected from the roles dropdown menu, and the 'Add' button is selected and highlighted.

3) Set the user access levels:

To configure the levels of access for a user within the Institutional Hierarchy, log into Blackboard Learn using your administrative credentials and follow these steps:

In the base navigation, go to the Administrator panel.

The image shows the Learn Ultra platform opened with the 'Admin' option selected and highlighted.

Go to the Communities section and select Institutional Hierarchy: this allows you to manage and configure the hierarchy levels.

The image shows the 'Admin' panel opened with the 'Communities' section highlighted and the 'Institutional Hierarchy' option selected.

Navigate through your institutional hierarchy and choose the nodes and child nodes you would like to grant access to the user.
When setting up access, it's important to carefully choose the level you assign to each user. Keep in mind that users can view information from their assigned level and any levels below it, but not from levels on the same tier or above.
Consider this example:
- Institution Level 1 - A
  - Institution Level 2 - B
    - Institution Level 3 - C
      - Institution Level 4 - D
      - Institution Level 4 - E
Given this structure, if you grant User1 access to Institution Level 3 - C, the user will also have access to data from both Institution Level 4 - D and Institution Level 4 - E. This is because Levels 4 - D and 4 - E are nested under Level 3 - C, and access privileges extend down to lower levels.
However, if you grant User2 access only to Institution Level 4 - D, the user won’t be able to access data from Institution Level 4 - E. Access at Level 4 - D is limited to that level only and doesn’t include other nodes at the same level or any higher levels.
Once you have selected the desired node, go to the Administrators tab and select Add Administrator.

The image shows 1) the Institutional Hierarchy nodes list highlighted, 2) the 'Administrators' tab selected and highlighted, and 3) the 'Add Administrator' option selected and highlighted.

From the Add Administrators dialog box:
- If you know the Username you want to add as an Administrator, type it in the username field.
- Otherwise, select the Browse button and search by fields including Name, Email address, or System role. Select all relevant results and then Submit.
In the Roles section, select a desired administrator’s System Role for use in the node.
The specific role is not relevant to compartmentalized reporting in Anthology Illuminate but will impact the user's permissions within the node in Blackboard Learn.
Select Submit.
Wait overnight for the rules to be applied.

The image shows 1) the 'Username' field filled and highlighted, 2) the 'Roles' section filled and highlighted, and 3) the 'Submit' option selected and highlighted.

You can modify the association at any time by changing the node administrator associations or entirely revoke access by removing the user's Institutional Authentication role/group or disabling their SSO account.

Setting up Role-Based Access in Anthology Illuminate (new method)

By following these steps, administrators using Institutional Authentication with SAML as the identity provider can grant user permissions to log into reporting and access data only from the nodes they are associated with:

1) Ensure the report is already set to support restricted users. (Check the table of supported reports above).

2) Add the Data - Restricted role to an existing user:

In the left panel, go to Settings.
At this point, we recommend having the Institutional Hierarchy (IH) and courses already configured. View how to set IH.
Select the License Management tab and find the users list.
Click on the pencil icon in the Actions column for the user you want to modify.

On the Edit User page, navigate to the Report Permissions section and select the Data – Restricted option from the dropdown menu. Then, click Add.

3) Set the user access levels:

To configure the levels of access for a user within the Institutional Hierarchy, follow these steps:

On the same Edit User page you opened in the previous step, scroll down to the Institutional Hierarchy section and choose the nodes corresponding to the institutional levels for which you want to grant permissions. You can expand each node to view its children.
Save all the granted permissions by clicking on the Save Changes button.
Wait overnight for the rules to be applied.

The image shows the nodes of the Institutional Hierarchy selected and highlighted, and the ' Save Changes' button selected and highlighted.

When Role-Based Access is applied, the reports initially appear unfiltered and without data due to restricted access. Users need to select the relevant hierarchy levels to populate the reports with information based on their access rights.