Update User Access in Criteo | Blue Frog Docs

Update User Access in Criteo

Modify user permissions, change roles, and adjust advertiser access in Criteo Management Center.

This guide covers updating existing user permissions, changing roles, and modifying advertiser access in your Criteo account.

When to Update Access

Update user access when:

  • User's role changes within organization
  • User needs access to additional advertisers
  • User's responsibilities expand or contract
  • Promoting user to higher permission level
  • Restricting access for security or compliance
  • Temporary access needs to be made permanent (or vice versa)

Prerequisites

  • Administrator access to Criteo Management Center
  • User's current role and advertiser access documented
  • New role requirements clearly defined
  • Approval from appropriate stakeholders (if required)

Updating User Roles

Step 1: Navigate to User Management

  1. Log in to Criteo Management Center
  2. Click your profile icon in the top-right corner
  3. Select Organization Settings
  4. Click Users & Permissions

Step 2: Locate User

  1. Use search bar to find user by name or email
  2. Or scroll through user list
  3. Click on user's name to open their profile

Step 3: Change Role

  1. In user profile, locate Role section
  2. Click Edit or Change Role
  3. Select new role from dropdown:
    • Administrator
    • Campaign Manager
    • Analyst
    • Creative Manager
    • API User
  4. Review permission changes that will occur
  5. Click Save

Step 4: Verify Changes

  1. Confirm new role is displayed in user profile
  2. Check permission summary shows expected access
  3. Notify user of role change

Updating Advertiser Access

Add Advertiser Access

Grant user access to additional advertisers:

  1. Open user's profile
  2. Navigate to Advertiser Access section
  3. Click Add Advertiser
  4. Select advertiser(s) from list
  5. For each new advertiser, choose role:
    • Same as existing advertisers
    • Different role (select from dropdown)
  6. Click Add
  7. Confirm advertisers appear in access list

Example:

Current Access:
- Advertiser A: Campaign Manager
- Advertiser B: Campaign Manager

Adding:
- Advertiser C: Campaign Manager
- Advertiser D: Analyst (different role)

Remove Advertiser Access

Revoke access to specific advertisers:

  1. Open user's profile
  2. Go to Advertiser Access section
  3. Find advertiser to remove
  4. Click X or Remove next to advertiser name
  5. Confirm removal in dialog box
  6. Verify advertiser no longer appears in access list

Important:

  • Removing last advertiser doesn't delete the user
  • User remains in organization but has no access
  • Can re-add advertiser access later

Change Role for Specific Advertiser

Modify role for individual advertiser:

  1. In user's Advertiser Access section
  2. Find advertiser where role needs changing
  3. Click Edit or role dropdown
  4. Select new role
  5. Save changes
  6. Confirm new role is displayed

Example:

Before:
- Advertiser A: Campaign Manager
- Advertiser B: Campaign Manager

After:
- Advertiser A: Administrator (promoted)
- Advertiser B: Campaign Manager (unchanged)

Role Transition Scenarios

Promoting to Administrator

From Campaign Manager to Administrator:

  1. Update role to Administrator
  2. User gains:
    • Budget management
    • Billing access
    • User management
    • API credentials access
    • Account settings
  3. Notify user of new responsibilities
  4. Provide admin-specific training
  5. Review security requirements (MFA, etc.)

Checklist:

  • Manager approval obtained
  • Business justification documented
  • Security requirements met
  • User trained on admin responsibilities
  • Access change logged

Downgrading from Administrator

From Administrator to Campaign Manager:

  1. Review what user will lose access to:
    • Billing information
    • User management
    • API credentials
    • Critical account settings
  2. Transfer ownership of:
    • API integrations user manages
    • Payment methods
    • Billing contacts
  3. Update role to Campaign Manager
  4. Verify user can still perform required tasks
  5. Document reason for change

Important Considerations:

  • Ensure another admin exists for account management
  • Transfer any admin-specific responsibilities
  • Check for automated processes dependent on user's admin access

Converting to Read-Only (Analyst)

From any role to Analyst:

  1. Confirm user only needs reporting access
  2. Update role to Analyst
  3. User loses ability to:
    • Edit campaigns
    • Create new campaigns
    • Modify settings
    • Manage budgets
  4. Verify reporting access meets needs
  5. Document reason for restriction

Use Cases:

  • User moving to analytics-only role
  • Temporary restriction during investigation
  • Executive stakeholder needing visibility only

Custom Permission Modifications

Modify Specific Permissions

For fine-grained control:

  1. Open user profile
  2. Navigate to Permissions tab
  3. Click Customize Permissions
  4. Toggle individual permissions:

Campaign Permissions:

✓ View campaigns
✓ Edit campaign names
✓ Pause/resume campaigns
✓ Adjust bids (new)
✗ Delete campaigns
✗ Modify budgets

Creative Permissions:

✓ View creatives
✓ Upload creatives
✓ Edit creatives (new)
✗ Delete creatives

Reporting Permissions:

✓ View reports
✓ Export data
✓ Schedule reports (new)
✓ Share reports
  1. Save permission changes
  2. Review permission summary

Reset to Default Permissions

To restore standard role permissions:

  1. In Permissions tab
  2. Click Reset to Default
  3. Confirm action
  4. Permissions revert to standard role settings

Updating Access Restrictions

Modify IP Whitelist

Change allowed IP addresses:

  1. Open user profile
  2. Go to Security section
  3. Click IP Restrictions
  4. Add new IP addresses or ranges
  5. Remove outdated IPs
  6. Save changes

Example Update:

Before:
- Office IP: 203.0.113.50

After:
- Office IP: 203.0.113.50
- Home VPN: 198.51.100.75 (added)
- Old VPN: 192.0.2.10 (removed)

Update Time-Limited Access

Extend or shorten access duration:

  1. In user profile, find Access Duration section
  2. Click Edit
  3. Modify:
    • Start date (if not yet started)
    • End date (extend or shorten)
    • Auto-notification settings
  4. Save changes

Scenarios:

Extending contractor access:
Before: Ends December 31, 2024
After: Ends March 31, 2025

Making temporary access permanent:
Before: Ends January 15, 2025
After: No end date (permanent access)

Geographic Restriction Updates

Modify location-based access:

  1. Security section in user profile
  2. Click Geographic Restrictions
  3. Add or remove countries/regions
  4. Save changes

Bulk User Updates

Update Multiple Users

For changing multiple users at once:

  1. Navigate to Users & Permissions
  2. Select multiple users (checkboxes)
  3. Click Bulk Actions
  4. Choose action:
    • Change role
    • Add advertiser access
    • Remove advertiser access
    • Update permissions
  5. Configure changes
  6. Review affected users
  7. Confirm bulk update

Example:

Update: Add Advertiser C access to all Campaign Managers
Selected Users: 5
New Access: Advertiser C (Campaign Manager role)

Download Current Access Report

Before bulk changes:

  1. Users & Permissions > Export
  2. Download CSV of current access
  3. Review before making changes
  4. Keep as before/after documentation

Notification and Communication

Notify Users of Changes

Email Template:

Subject: Criteo Access Update - [Date]

Hi [Name],

Your Criteo Management Center access has been updated:

Previous Role: Campaign Manager
New Role: Administrator

New Capabilities:
- Budget management
- User administration
- Billing access

Effective: Immediately

Questions? Contact [Admin Name]

Best regards,
[Your Name]

Document Changes

Maintain change log:

## User Access Change Log

### 2024-10-20: Updated Jane Smith
- User: jane.smith@company.com
- Previous Role: Campaign Manager
- New Role: Administrator
- Advertisers: No change (A, B, C)
- Reason: Promotion to Marketing Director
- Approved by: CMO
- Updated by: admin@company.com

Testing Updated Access

Verify New Permissions

After updating:

  1. Ask user to log in
  2. Check they can access new features
  3. Verify removed features are inaccessible
  4. Test advertiser access changes
  5. Confirm reports and dashboards load correctly

Test Checklist:

  • User can log in successfully
  • New advertisers are visible
  • Removed advertisers are hidden
  • New permissions work as expected
  • Removed permissions are enforced
  • No unexpected access issues

Monitor for Issues

In first 24-48 hours:

  • Check for access-related support requests
  • Monitor audit logs for unusual activity
  • Verify user can complete daily tasks
  • Address any permission gaps immediately

Troubleshooting

User Can't Access New Advertiser

Check:

  1. Advertiser was successfully added to profile
  2. User has refreshed browser/logged out and back in
  3. No conflicting permission settings
  4. Organization-level restrictions aren't blocking

Solutions:

  1. Remove and re-add advertiser access
  2. Have user clear browser cache
  3. Check for IP restrictions
  4. Contact Criteo support if issue persists

User Still Has Old Permissions

Check:

  1. Changes were saved successfully
  2. User has logged out and back in
  3. Browser cache isn't showing old state
  4. Custom permissions aren't overriding role

Solutions:

  1. Re-save role change
  2. Force user logout from admin panel
  3. Clear user's sessions
  4. Reset permissions to default

Role Change Not Reflecting

Diagnosis:

  1. Check Audit Log for successful update
  2. Verify in user list (not just profile)
  3. Look for error messages
  4. Check for pending approval workflows

Resolution:

  1. Re-attempt role change
  2. Try from different browser
  3. Contact Criteo support with audit log details

Best Practices

1. Regular Access Reviews

Monthly:

  • Review recent access changes
  • Verify changes are still appropriate
  • Check for users needing updates

Quarterly:

  • Comprehensive access audit
  • Align permissions with current roles
  • Remove unnecessary access

Annually:

  • Full access recertification
  • Update security policies
  • Refresh admin training

2. Document All Changes

For every update:

  • Who requested change
  • Business justification
  • Approval chain
  • Before and after states
  • Effective date
  • User notification

3. Principle of Least Privilege

When updating access:

✓ Grant only what's needed now
✗ Avoid "just in case" permissions
✓ Regular reviews to reduce access
✗ Leaving old permissions active

4. Change Management

Standard Process:

  1. Request submitted with justification
  2. Manager approval obtained
  3. Change scheduled (avoid business-critical times)
  4. User notified in advance
  5. Change implemented
  6. Verification performed
  7. Documentation updated

5. Security Considerations

When promoting to Administrator:

  • Verify MFA is enabled
  • Review recent activity
  • Confirm user understands responsibilities
  • Add to admin rotation/on-call if applicable
  • Update security contact list

When downgrading access:

  • Check for API keys to revoke
  • Transfer ownership of resources
  • Update automated alerts
  • Remove from admin distribution lists

Reverting Changes

Undo Recent Changes

If update was incorrect:

  1. Navigate to Audit Log
  2. Find the access change entry
  3. Note previous settings
  4. Open user profile
  5. Manually revert to previous state
  6. Document reversion

Quick Revert:

Before (correct): Campaign Manager, Advertiser A & B
Incorrect Change: Administrator, Advertiser A, B, C
Revert To: Campaign Manager, Advertiser A & B

Getting Help

Before Updating

  • Review current access carefully
  • Understand implications of changes
  • Get necessary approvals
  • Plan for testing new access

After Updating

  • Verify changes immediately
  • Monitor for issues
  • Document completion
  • Update internal records

Support Resources

  • Criteo Help Center: https://help.criteo.com
  • User Management Guide: In Management Center
  • Support Ticket: For technical issues
  • Account Manager: For policy questions

Next Steps

↑ Back to top
// SYS.FOOTER