How it works and what is required
Role-Based Access is a feature in Anthology Illuminate Reporting that allows access to compartmentalized reports, ensuring each user accesses only appropriate data based on their role.
Currently, Anthology Illuminate Reporting is targeted towards high-level institutional leadership including Provosts, Heads of distance/online learning, Deans, Student Success Leaders, among others. However, to fully support and facilitate a data-informed decision-making culture, we want to expand support to additional users interested in report content but may only have access to some institution-wide data.
Having a broader deployment of Reporting across your Teaching and Learning management structure will empower each user to make confident decisions, facilitate delegation, feedback, and collaboration across roles, enabling data-informed conversations without the need to export and distribute reports’ data.
To successfully implement Role-Based Access, we recommend:
- Adopt Institutional Authentication for Anthology Illuminate. Find out how to set up Institutional Authentication
- Set up Institutional Hierarchy:
- On-Demand Webinar: Best Practices for Blackboard Learn Configuration
- Find out how to set up Institutional Hierarchy
Supported Reports
This table will be frequently updated to reflect the supported reports as we release them:
Area | Report | Status |
---|---|---|
Learning | Student Engagement | Supported |
Learning | Student Performance and Grades | Supported |
Learning | Social and Collaborative Engagement | Supported |
Learning | Student Summary | Supported |
Teaching | Instructional Practices | Supported |
Teaching | Assessment and Grading | Supported |
Teaching | Course Summary | Supported |
Leading | Learning Tools Adoption | Supported |
Leading | Collaboration Session Activity | Supported |
Leading | Learning Platform Adoption | Work in progress |
Leading | Course Administration | Supported |
Setting up Role-Based Access in Blackboard Learn (old method)
By following these steps, administrators using Blackboard Learn as the identity provider can grant user permissions to log into reporting and access data only from the nodes they are associated with:
1) Ensure the report is already set to support restricted users. (Check the table of supported reports above).
2) Add the Data - Restricted role to an existing user:
To grant the Data – Restricted role to a user, log into Anthology Illuminate and follow these steps:
In the left panel, go to Settings.
At this point, we recommend having the Institutional Hierarchy (IH) and courses already configured. View how to set IH.
- Select the License Management tab and find the users list.
- Click on the pencil icon in the Actions column for the user you want to modify.
- On the Edit User page, navigate to the Report Permissions section and select the Data – Restricted option from the dropdown menu. Then, click Add.
3) Set the user access levels:
To configure the levels of access for a user within the Institutional Hierarchy, log into Blackboard Learn using your administrative credentials and follow these steps:
- In the base navigation, go to the Administrator panel.
- Go to the Communities section and select Institutional Hierarchy: this allows you to manage and configure the hierarchy levels.
Navigate through your institutional hierarchy and choose the nodes and child nodes you would like to grant access to the user.
When setting up access, it's important to carefully choose the level you assign to each user. Keep in mind that users can view information from their assigned level and any levels below it, but not from levels on the same tier or above.
Consider this example:
- Institution Level 1 - A
- Institution Level 2 - B
- Institution Level 3 - C
- Institution Level 4 - D
- Institution Level 4 - E
- Institution Level 3 - C
- Institution Level 2 - B
Given this structure, if you grant User1 access to Institution Level 3 - C, the user will also have access to data from both Institution Level 4 - D and Institution Level 4 - E. This is because Levels 4 - D and 4 - E are nested under Level 3 - C, and access privileges extend down to lower levels.
However, if you grant User2 access only to Institution Level 4 - D, the user won’t be able to access data from Institution Level 4 - E. Access at Level 4 - D is limited to that level only and doesn’t include other nodes at the same level or any higher levels.
- Institution Level 1 - A
- Once you have selected the desired node, go to the Administrators tab and select Add Administrator.
- From the Add Administrators dialog box:
- If you know the Username you want to add as an Administrator, type it in the username field.
- Otherwise, select the Browse button and search by fields including Name, Email address, or System role. Select all relevant results and then Submit.
In the Roles section, select a desired administrator’s System Role for use in the node.
The specific role is not relevant to compartmentalized reporting in Anthology Illuminate but will impact the user's permissions within the node in Blackboard Learn.
Select Submit.
Wait overnight for the rules to be applied.
You can modify the association at any time by changing the node administrator associations or entirely revoke access by removing the user's Institutional Authentication role/group or disabling their SSO account.
Setting up Role-Based Access in Anthology Illuminate (new method)
Administrators using Institutional Authentication with SAML as the identity provider can grant user permissions to log into reporting and access data only from the nodes they are associated with. Users must have the "BbDataReportViewer" role in Learn or SAML and have logged into Illuminate at least once before their permissions can be managed.
1) Ensure the report is already set to support restricted users. (Check the table of supported reports above).
2) Add the Data - Restricted role to an existing user:
In the left panel, go to Settings.
At this point, we recommend having the Institutional Hierarchy (IH) and courses already configured. View how to set IH.
- Select the License Management tab and find the users list.
- Click on the pencil icon in the Actions column for the user you want to modify.
- On the Edit User page, navigate to the Report Permissions section and select the Data – Restricted option from the dropdown menu. Then, click Add.
3) Set the user access levels:
To configure the levels of access for a user within the Institutional Hierarchy, follow these steps:
- On the same Edit User page you opened in the previous step, scroll down to the Institutional Hierarchy section and choose the nodes corresponding to the institutional levels for which you want to grant permissions. You can expand each node to view its children.
Save all the granted permissions by clicking on the Save Changes button.
Wait overnight for the rules to be applied.
When Role-Based Access is applied, the reports initially appear unfiltered and without data due to restricted access. Users need to select the relevant hierarchy levels to populate the reports with information based on their access rights.
Add or remove report permissions
You can add or remove report permissions based on user roles. Each role provides specific access levels to reports:
- Access type:
- Reporting Area - Leading: All the reports in the Leading area
- Reporting Area - Learning: All the reports in the Learning area
- Reporting Area - Teaching: All the reports in the Teaching area
- Reporting Area - All: Access to all reports
- Data - Restricted: In reports with Role-Based Access enabled, only the hierarchy nodes selected for the user are visible, or
- Data - Unrestricted: Access to all data in all reports available for the user.
You can combine Reporting Area access types and a Data Restricted or Data Unrestricted access to create a more personalized experience.
To manage report permissions, follow these steps:
- In the left panel, go to Settings.
- Select the License Management tab and find the users list.
- Click on the pencil icon next to the user you want to modify.
- To assign permissions for reports, navigate to the Report Permissions section, select one or more roles, and then click Add.