- Introduction
- Balance
- Clusters
- Concept drift
- Coverage
- Datasets
- General fields (previously entities)
- Labels (predictions, confidence levels, hierarchy, etc.)
- Models
- Streams
- Model Rating
- Projects
- Precision
- Recall
- Annotated and unannotated messages
- Extraction Fields
- Sources
- Taxonomies
- Training
- True and false positive and negative predictions
- Validation
- Messages
- Access Control and Administration
- Managing your account
- Role-based access control (RBAC)
- Managing access (Automation Cloud)
- Managing projects (Automation Cloud)
- Maintenance
- Manage sources and datasets
- Understanding the data structure and permissions
- Create or delete a data source in the GUI
- Uploading a CSV file into a source
- Preparing data for .CSV upload
- Create a new dataset
- Multilingual sources and datasets
- Enabling sentiment on a dataset
- Amend dataset settings
- Delete messages via the UI
- Delete a dataset
- Export a dataset
- Using Exchange Integrations
- Model training and maintenance
- Understanding labels, general fields, and metadata
- Label hierarchy and best practices
- Analytics vs. automation use cases
- Turning your objectives into labels
- Overview of the model training process
- Generative Annotation (NEW)
- Dastaset status
- Model training and annotating best practice
- Training with label sentiment analysis enabled
- Understanding data requirements
- Train
- Introduction to Refine
- Precision and recall explained
- Precision and recall
- How does Validation work?
- Understanding and improving model performance
- Why might a label have low average precision?
- Training using Check label and Missed label
- Training using Teach label (Refine)
- Training using Search (Refine)
- Understanding and increasing coverage
- Improving Balance and using Rebalance
- When to stop training your model
- Using general fields
- Generative extraction
- Using analytics and monitoring
- Automations and Communications Mining™
- Licensing
- FAQs and more

Communications Mining User Guide
Managing access (Automation Cloud)
This section addresses to Automation Cloud users and contains information on how to manage your access in the Communications Mining service.
This section contains an overview of the different roles and the underlying permissions they grant in the UiPath® IXP service.
The following table contains a list of all roles and permissions, as well as a description of each role:
Role | Permissions | Role description |
IXP Service Admin |
Audit Log - Read Tenant - Manage | Grants full rights to the IXP service. |
IXP Project Admin |
Alert - Write Appliance Configuration - Write Bucket - Append Bucket - Write Comment - Manage Dataset - Export Dataset - Manage Integration - Write Source - Manage Stream - Consume Stream - Manage | Allows you to manage everything within a project such as users, integrations, sources, datasets, models, streams, and alerts. You cannot create or delete projects. |
IXP Model Trainer |
Alert - Read Dataset - Review Dataset - Write Integration - Read Source - ReadSensitive Stream - Read | Allows you to view everything within a project. You can also review and label data, update dataset settings, and pin model
versions.
You cannot create or delete datasets. |
IXP Developer |
Alert - Read Appliance Configuration - Write Bucket - Append Bucket - Read Comment - Manage Dataset - Export Integration - Write Model - Manage Source - Manage Stream - Consume Stream - Manage | Allows you to view everything within a project, upload or export data, configure integrations, pin models versions, manage
streams, and consume predictions from them.
You cannot review and label data. Also, you cannot create, update, or delete datasets or alerts. |
IXP Viewer |
Alert - Read Dataset - Read Integration - Read Source - Read Stream - Read | Allows you to view everything within a project.
You cannot create, update or delete anything. |
IXP Analyst |
Alert - Write Dashboard - Write Dataset - Read Integration - Read Source - Read Stream - Read | Allows you to view everything within a project and can create, update, and delete dashboards and alerts.
You cannot import, export, or review and label data. Also, you cannot modify or consume streams, or set up integrations. |
Permission type | Permission | Permission description |
Service (only non-project) |
Tenant - Manage |
Create, modify, and delete projects and users for a tenant. Additionally, all admins on UiPath® Automation Cloud also receive this permission in the IXP platform automatically. |
Service (only non-project) |
Audit Log - Read |
View audit logs. |
Sources |
Source - Read | View sources and the messages they contain. This is required to view individual messages on the platform. |
Sources |
Source - ReadSensitive Grants Source - Read | View any user properties marked as sensitive, in addition to others. |
Sources |
Source - Manage Grants Source - ReadSensitive | Create, modify, and delete sources. You must create sources via the API. |
Sources |
Comment - Manage | Create, update, and delete messages in a source via the API. |
Datasets |
Dataset - Read | View pinned and predicted labels on the datasets of the user. This is required to view
individual messages on the platform.
Note: To view any data
related to a source, dataset, or message in the platform both
Source - Read and Dataset - Read, or their
parent roles, are required.
|
Datasets |
Dataset - Manage Grants Dataset - Read | Update the properties of a dataset,for example, its description, sources, and general fields. Enable Quality of Service and Tone analysis. |
Datasets |
Dataset - Review Grants Dataset - Read | Create, edit and delete labels, and pin them to messages in the dataset of the user. Add pre-trained labels. |
Datasets |
Dataset - Export | Export datasets via the user interface. |
Model - Manage | Pin model versions. | |
Datasets |
Dashboard - Write | Create or modify dashboards. |
Streams |
Stream - Read | View streams and their configuration. |
Streams |
Stream - Manage | Create, modify, and delete streams. |
Streams |
Stream - Consume | Fetch and advance the output of a stream. |
Buckets |
Bucket - Read | View information on raw data buckets. |
Buckets |
Bucket - Write | Add or remove raw data buckets. |
Buckets |
Bucket - Append | Upload data to buckets. |
Integrations |
Integration - Read | View information on external integrations. |
Integrations |
Integration - Write | Add or remove integrations with external services. |
Utility |
Alert - Read | View alerts, and issues raised by them. |
Utility |
Alert - Write | Create, modify and delete alerts. |
Utility |
Appliance Configuration - Read | Fetch appliance configs. |
Utility |
Appliance Configuration - Write | Upload new or replace existing appliance configs. |
To manage roles, proceed as follows:
- Once you log into Communications Mining, select the gear icon.
- Select the Manage Access tab in the Administration page.
- Start managing roles in the Service or Project sections, depending on what roles you have.
To view the available roles for a specific scope, either a tenant or a project, proceed as follows:
- Go to the Manage Access tab.
- Select either Service or a specific project.
- Select the Roles tab.
To view the permissions that each role grants, select the eye icon for a specific role. For more details, check Roles and permissions.
To add a user or Automation Cloud group to a project, you need to assign them a role. For more details on adding users to Automation Cloud groups, check Managing access in the Automation Cloud.
- Go to the Manage Access tab, and select a project.
- Select Assign role under the Role assignments tab.
- In the Names field of the Assign roles side panel, enter the names of the users or groups you want to assign roles to.
- Select a name from the drop-down list, where all available users and groups in the tenant are displayed.
- In the Roles field, select from the drop-down list the roles you want to assign.
- Select Assign.
- The Organization Administrator role - can update role assignments at the service level or in any project for any users in the tenant.
- The Project Administrator role - can update role assignments in any project where they have this role.
- The Service Administrator role - can update role assignments at the service level.
- Go to the Manage Access tab, and select a project.
- Select Assign role under the Role assignments tab.
- In the Names field of the Assign roles side panel, enter the names of the users or groups you want to assign roles to.
- Select a name from the drop-down list, where all available users and groups in the tenant are displayed.
- In the Roles field, select from the drop-down list the roles you want to assign.
- Select Assign.
- The Organization Administrator role - can update role assignments at the service level or in any project for any users in the tenant.
- The Project Administrator role - can update role assignments in any project where they have this role.
- The Service Administrator role - can update role assignments at the service level.
- In the Manage Access tab, select Service or a specific project.
- Select the Role assignments tab to locate the user or group whose role you want to update or remove.
- Select the ellipsis for the user or group you want to edit or remove.
- Select Edit or Remove, depending on the case.
- Edit - allows you to add additional roles to the user or group, or remove existing ones.
- Remove - removes the user or group from the project. A warning pop-up appears, which states the action is permanent. Next, select the Remove button in the warning pop-up to confirm the deletion.
When you assign project roles to groups, the users part of those groups can access any projects the groups are added to. This means the users can view the data within those projects, which might not be appropriate for a large group of users, especially in regulated industries. For more details, check Understanding the data structure and permissions.
As a best practice, when you use single sign-on (SSO), segregate groups at relevant and appropriate access levels. For example, if only a limited set of users should access a specific project, create per-project groups to provision access to that project. Otherwise, unauthorized people might access the data.
If strict segregation is required and data must not be shared across teams, consider using a separate Automation Cloud tenant.
- Roles and their underlying permissions
- Permissions
- Managing user and group roles
- Viewing available roles
- Adding a user or group to a project
- Assign service roles to a user or group
- Editing or removing existing role assignments
- Access control for group-based project roles (Automation Cloud)
- Access control for single sign-on (SSO)
- Access control for Automation Cloud groups