Skip to main content
Access Control governs every aspect of who can log in to Loyalife and what they are permitted to see or do. Loyalife uses a role-based access model: every user holds one or more roles, and each role carries a defined set of permissions across the platform’s modules.

Why access control matters

GoalHow access control helps
SecurityProtects sensitive data — member PII, financial liability, transaction records — from unauthorized access
GovernanceThe Maker-Checker workflow prevents any single person from making unilateral changes to member accounts, rule configurations, or partner onboarding
ComplianceEvery access and action is logged in the Audit Trail, providing a non-repudiable record for auditors and regulators
EfficiencyRole-based permissions ensure users can complete their responsibilities without navigating unnecessary restrictions

Accessing Access Control

Select Access Controls from the left sidebar.

Modules within Access Control

Manage team

Invite users, assign roles, reset passwords, lock/unlock accounts, and create custom roles with granular permissions.

Approval workflow

Configure and manage the Maker-Checker process for point adjustments, member status changes, partner onboarding, and rule activations.

Audit trail

Review a complete, tamper-evident log of every administrative action — who, what, when, and from where.

Role structure

Loyalife comes with built-in roles for common team functions. You can also create custom roles with any combination of per-module permissions. Example role structure for a retail loyalty program:
RoleTypical permissions
Customer SupportView Members, View Transactions — no edit access
Marketing ManagerView and Create Campaigns, View Segments, View Communications
Program AdminFull access except Access Control management
Compliance OfficerView Reports, View Audit Trail — read-only across all modules
Super AdminAll permissions including User Management and Custom Report creation

Permission levels

For most modules, permissions follow a hierarchy:
LevelWhat it allows
ViewRead-only access to the module — can see data but not change anything
EditCan modify existing records (includes view access)
CreateCan create new records, modify existing ones, and typically delete (includes view and edit)
Some modules have additional granular permissions — for example, Approve Assigned Invoices, Verify Onboarding Requests, or PI Data Access.

Maker-Checker governance

For sensitive actions — manual point adjustments, member status changes, partner onboarding — Loyalife enforces a two-step approval process:
  1. A Maker initiates the action
  2. A Checker/Approver reviews and authorises it before it takes effect
This is configured in Approval Workflow and can be enabled or disabled per action type. See Approval workflow for details.
Once the Suspension Actions toggle is enabled in the Approval Workflow, it cannot be reversed. Plan this configuration carefully.