Tenant settings
Incentives accurately displays up-to-date license usage limits based on your Entitlements within Tenant settings. We have increased transparency on billable usage based on your Software Schedule Agreement.
To track your license usage, click Tenant settings from the model drop-down located in the admin panel.
Entitlements Usage Reporting & Statistics
Varicent Incentives enables admins to independently track and view current and historical license usage for:
Note
Non-production models do not affect your license usage, and any changes made with these models won't appear in Tenant settings.
Admin users
These users are assigned admin licenses, allowing them to configure and manage the Varicent Incentives Admin Client. They participate in the development and continuous management of the Varicent Incentives compensation plans.
To learn more, read: Tracking administrative users.
Payee users
These users hold payee licenses as they participate in compensation programs overseen by Varicent Incentives. Usually, they are employees or partners who earn compensation based on program criteria.
To learn more, read: Tracking payee users.
Import records
Import records track the amount of data that you import or process each month within Varicent Incentives, focusing on new rows from external imports into production models.
To learn more, read: Tracking import records.
Note
An individual can hold both admin and payee licenses.
For example, someone managing the Varicent Incentives system and involved in a compensation program might have separate Admin Client and Sales Portal accounts for each role, even if they use the same email address. These accounts have different credentials to reflect their specific functions.
You can track historical usage of the number of admin users, payee users, and import records to identify your usage trends. Once you have enabled permissions to view usage and limits, you can independently access your usage information. Read Enabling entitlements permissions to learn more.
Note
Admins will receive notification banners when their license usage reaches 85% and 95%, and when these limits are exceeded for: admin licenses, import record usage, and payee licenses.
Once you reach a specific threshold, please contact your Customer Success Manager or Varicent Support to purchase additional licenses. If you're concerned about exceeding your limit, consider purchasing more licenses beforehand to prevent extra charges.
Click the I acknowledge button in the notification banner to confirm that you've seen the notification banners, indicating your understanding of current usage and any required actions. To maintain an accurate record of actions, each acknowledgment of a license usage notification is logged in the Activity tab on the Admin user's page within Tenant settings. For ongoing monitoring, notifications will reappear based on set intervals: every 90 days for payee and admin usage, and every 7 days for import record usage, as long as usage exceeds thresholds.
Enabling entitlements permissions
You can only access your usage information once you have Entitlements enabled in Model settings.
From the admin panel, click on Model settings
.Select User and permissions -> Role permissions.
From Entitlements, enable View usage and limits checkbox.
Tracking administrative users
The Admin users screen provides a centralized hub for monitoring, managing, and optimizing your administrative resources within Varicent Varicent Incentives. As an admin, not only can you track and assess the usage of your admin licenses, but you also have the ability to add and edit admins along with their roles. You can also view all current and historical usage for all administrative users registered in the current model of your tenant.
The Manage Admins section on the Admin Users page serves as a one-stop location for overseeing and improving your admin resources in Varicent main: prod_name_title. As an admin, you can monitor license usage and have the power to add or update admin users and their roles.
Track and access admin licenses: You can monitor the usage of your admin licenses to ensure they are being used effectively. This allows for optimized allocation and usage tracking.
Read Understanding your entitlement usage to learn more.
Add and edit admins and their roles: You have the authority to not only add new administrative users but also modify existing ones. This includes assigning roles based on the desired access level and responsibilities, ensuring that the right people have the right access.
Read Adding new admin users and Editing existing admin users to learn more.
View usage history: You can access a complete record of all current and previous usage activities for all admin users within your tenant's model. This historical data is crucial for auditing and compliance purposes, providing insights into administrative activities over time.
Read Monitoring admin user history and Tracking admin user activity to learn more.
Understanding your entitlement usage
The Entitlement usage section of the Admin users page provides a comprehensive overview of your admin users, segmented into three categories: Assigned admins, Varicent admins, and Unassigned admins. This segmentation helps you understand how each category affects your usage limits and licensing.
To view your usage:
From the admin panel, click the model drop-down.
Click Tenant settings.
Click the Admin users tab.
From the Overview tab, view your usage metrics categorized by types of admin users:
Types of admin users | Description |
|---|---|
Assigned administrators | Administrators assigned to at least one of your models in the Varicent Incentives admin client. Types of assigned administrators:
|
Varicent administrators | Varicent users who have access to your models for support and implementation purposes. These users don’t count towards your usage limits. The email addresses with the domains @varicent.com or @ibm.com are considered Varicent users. |
Unassigned administrators | Administrators not assigned to any models in the Varicent Incentives admin client. |
Implementation phases
Implementation refers to the period during which a customer is integrating or setting up the Varicent platform. This phase involves specific activities and close collaboration among the customer, partner, and Varicent to ensure the successful deployment of the solution. Below is an explanation of the key elements of this process:
During implementation: During this period, partners (identified by a partner tag in Salesforce) are actively engaged to support the customer. Their email addresses are tracked separately as part of the implementation process, indicating that they have a temporary or special role in assisting with the deployment.
Status tracking: The implementation status for each customer is monitored and updated in Salesforce, specifically in the Status field. This provides a systematic way to determine and report whether a customer is still undergoing implementation activities or has transitioned out of this phase.
After implementation: Once the implementation is complete, all users, including partners, will be counted as Assigned admins.
Managing administrative users
The admin table on the Overview tab of the Admin users page serves as a one-stop location for overseeing and improving your admin resources in Varicent Incentives. As an admin, you can monitor license usage and have the power to add or update admin users and their roles.
To view a detailed list of admin users:
From the admin panel, click the model drop-down.
Click Tenant settings.
Click the Admin users tab.
From the Overview tab, in the Manage admins table, you can view, filter, and manage your admin users.
Note
If you see a difference between the number of fields in the table and the total number of admins in the usage cards, it could be because you are only viewing the assigned admins for the models you have access to. If you're not assigned to every model within the tenant, security and authorization constraints might prevent you from seeing all the assigned admins.
From the admin table, you can:
Filter admins: Click on the admin cards to filter users. You can use the table’s comprehensive filters to pinpoint specific users. For example, you may want to view only "Licensed" admins or users tied to certain models. This allows precision in managing roles and making sure your admin users are properly assigned where they’re needed.
Add admin: This enables you to configure and assign new admin users to specific models, designate their user roles, and set up their security and authentication constraints.
To learn more about creating a new admin user, read: Adding new admin users.
Track admins: You can oversee all administrative roles and their details. The table provides key information on each admin, including fields such as:
Type: Indicates whether the user is a Licensed, Partner, or Varicent admin.
Name: The full name of the admin user.
Username: The unique username used by the admin for access.
Email: The admin user's email address.
Models and user roles: Shows the specific models the user can access and the roles they hold within those models. The system marks any models the user isn't assigned to as restricted models and hides their names unless the user shares access.
Note
A restricted model is one that a user cannot access because they are not assigned to it. When users are assigned to different models within the same tenant, they cannot see the names of models assigned to others; those models are labeled as Restricted model(s) instead.
Last activity: Records the most recent action performed by the user, providing insight into how actively each admin is involved in using the system.
Tenant permissions: Specific access levels are granted to users, determining what actions they can perform within the models.
To learn about each user permission in detail, read: Tenant permissions.
Permission
Description
All tenant permissions
The All tenant permissions level grants full administrative control over user management within the system. Administrators with this permission, can add new users, assign and unassign roles, delete users, modify existing permissions, change passwords, lock or unlock user accounts, and view permission settings and roles within the admin table in the Overview tab. Generated use roles does not include the abilities to assign or unassign users, nor to view permissions and roles in the admin table.
This is the highest level of access, allowing complete oversight and control of all user-related functions.
Access permissions only
The Access permissions only level allow limited user management depending on the role type. Administrators can add users, assign and unassign roles, delete users, and lock or unlock users - provided the target user doesn't hold all tenant permissions - but cannot modify permissions or change passwords. Generated user roles can only add users and lock or unlock users under the same condition, with all other actions restricted.
This permission tier is suited for users who need basic user management capabilities within a restricted operational scope.
View permissions only
The View permissions only level restricts users from performing any actions related to user management. These users, regardless of whether they are administrators or hold a generated user role - cannot add, delete, modify, or manage users in any way.
This permission level is intended purely for observation and oversight without any ability to make changes.
SAML 2.0 native login: Indicates whether the admin is using SAML 2.0 for Single Sign-On (SSO). This enables users to authenticate with their existing organizational credentials and eliminates the need to remember an additional password.
SAML 2.0 integration name ID: Represents the unique identifier used by the SAML 2.0 integration to recognize the user, ensuring the correct identity is associated with SAML login sessions and providing added security and consistency across systems.
Tenant permissions
Tenant permissions define the specific actions that an admin user within a particular user role is authorized to perform. Tenant permissions enable critical tasks such as adding and deleting users, changing passwords, and modifying user settings.
Dependency between user roles and tenant permissions
User roles are a way to group users according to the tasks and functions they need to perform. These roles are created with specific capabilities in mind, allowing users to access certain parts of the module that align with their responsibilities.
You can define and adjust these roles in the Roles permissions page in Model settings. Here, you can decide what actions each role can perform, such as whether they can edit, view, or delete Presenter Adaptive reports, or modify calculations.
To learn more, read: Roles.
Tenant permissions define what specific actions a user within a role can perform. They are granular controls within a role that dictate the extent of authority a user has. For instance, permissions might include adding or removing other users, changing passwords, or accessing roles.
While roles provide a general framework of access levels, permissions enable users to perform specific actions associated with those roles.
When creating a new admin user, it is important to assign specific user permissions that match their roles and responsibilities. Additionally, permissions for existing admins can be edited as necessary. There are three types of user permissions, each detailing the tasks that an admin can perform:
Tenant Permission | Add user | Assign roles | Unassign users | Delete user | Modify permissions | Change passwords | Lock/unlock user | View permission & roles in the list of admin users table |
|---|---|---|---|---|---|---|---|---|
All tenant permissions User role: Administrator | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
All tenant permissions User role: Any generated user role | ✓ | X | X | ✓ | ✓ | ✓ | ✓ | X |
Access permissions only User role: Administrator | ✓ | ✓ | ✓ | ✓ | X | X | ✓¹ | ✓ |
Access permissions only User role: Any generated user role | ✓ | X | X | X | X | X | ✓¹ | X |
View permissions only User role: Administrator | X | X | X | X | X | X | X | ✓ |
View permissions only User role: Any generated user role | X | X | X | X | X | X | X | X |
¹ Lock/unlock is allowed only if the logged-in user does not have All tenant permissions and the user being edited does not have All tenant permissions.
The table below clarifies how different permissions affect what users can see, based on their assigned roles:
Note
Make sure all necessary Entitlements permissions are enabled for any user generated role.
Read Enabling entitlements permissions to learn more.
Tenant permission | User role | Access level |
|---|---|---|
All tenant permissions | Administrator | They can see both tenant permissions and user roles for the model to which they are assigned. |
Access permissions only | They can see both tenant permissions and user roles for the model to which they are assigned. | |
View permissions only | They can see both tenant permissions and user roles for the model to which they are assigned. | |
All tenant permissions | Any generated user role | They have access to view the permissions of all users within a particular tenant, regardless of any model. They can also view tenant permissions of users who have restricted model access. |
Access permissions only | They have access to view the permissions of all users within a particular tenant, regardless of any model. They can also view tenant permissions of users who have restricted model access. | |
View permissions only | They have access to view the permissions of all users within a particular tenant, regardless of any model. They can also view tenant permissions of users who have restricted model access. |
Adding new admin users
You can add new users to your tenant from the Admin users page in Tenant settings. This involves defining their roles, setting permissions, and ensuring they have the necessary access to perform their tasks effectively. Here's how you can get started:
From the admin panel, click the model options drop-down.
Click Tenant settings.
Click the Admin users tab.
From the Overview tab, click Add admin.
Enter the admin's Username, First name, Last name, and Email.
Note
The admin's username must be unique across the entire data center, not just within a single tenant.
Under SAML 2.0 integration, turn the Use native login when SAML2.0 integration is enabled toggle on to enable native login even when SAML2.0 integration is active.
It's an alternative login method that can be useful if there are issues with the SAML 2.0 system or if some users need to log in using a different method for any reason.
Under SAML 2.0 integration, enter the admin's SAML 2.0 integration name ID.
Tip
For more information on SAML 2.0 integration, see the SAML 2.0 Integration section of the On-premise Installation Guide.
Under Password, create a password that is at least 8 characters long and includes a lowercase letter, an uppercase letter, a number, and a symbol.
Note
Passwords should not match the Username. Passwords will automatically expire every 90 days. The system remembers the last 13 passwords you used, so you cannot reuse them. If you attempt to log in and enter the wrong password five times, your account will be temporarily locked.
From the Tenant permissions drop-down, select which permissions to grant the user:
Note
Tenant permissions work in combination with your user role. To be granted all tenant permissions, users must have an Administrator role and All permissions selected.
To learn about each tenant permission in detail, read: Tenant permissions.
Permission
Description
All tenant permissions
The All tenant permissions level grants full administrative control over user management within the system. Administrators with this permission, can add new users, assign and unassign roles, delete users, modify existing permissions, change passwords, lock or unlock user accounts, and view permission settings and roles within the admin table in the Overview tab. Generated use roles does not include the abilities to assign or unassign users, nor to view permissions and roles in the admin table.
This is the highest level of access, allowing complete oversight and control of all user-related functions.
Access permissions only
The Access permissions only level allow limited user management depending on the role type. Administrators can add users, assign and unassign roles, delete users, and lock or unlock users - provided the target user doesn't hold all tenant permissions - but cannot modify permissions or change passwords. Generated user roles can only add users and lock or unlock users under the same condition, with all other actions restricted.
This permission tier is suited for users who need basic user management capabilities within a restricted operational scope.
View permissions only
The View permissions only level restricts users from performing any actions related to user management. These users, regardless of whether they are administrators or hold a generated user role - cannot add, delete, modify, or manage users in any way.
This permission level is intended purely for observation and oversight without any ability to make changes.
Under Model assignment, click Assign admin to model, and select one or more models to add the new admin user to.
Note
If you don't assign the admin to any model, they won’t be able to log in to Varicent Incentives.
If you've selected a model to add the user to, select a user's role from each model.
You can define and adjust these roles in the Roles permissions page in Model settings. Here, you can decide what actions each role can perform, such as deciding if they can edit, view, or delete Presenter Adaptive reports, or modify calculations in the Composer module. When you create a new role in the Roles permissions page, it becomes available in the User role dropdown for easy assignment.
Click Add admin.
The add admin feature changes depending on the logged-in user’s role and their tenant permissions:
Only users with All tenant permissions or Access permissions only can add new users.
To assign users to specific models, the user must have the Administrator role.
Users with Access permissions only (whether admin or custom roles) can add new users, who will automatically get the same permission level.
Users with View permissions only (admin or custom roles) won’t see the Add admin button and cannot add new users to the tenant.
Changing administrative user passwords
You can change passwords for users in Incentives.
From the admin panel, click the model options drop-down.
Click Tenant settings.
Click the Admin users tab.
From the Overview tab, go to the Manage admins table and click the More options menu (...) next to the admin user whose password you want to update.
Select Change user password.
Type and confirm a new password.
Note
These rules apply when creating passwords for Varicent Incentives Admin Portal:
Passwords must have at least eight characters.
Passwords must contain at least: one upper-case letter, one lower-case letter, one number, and one special character.
Passwords cannot be the same as the UserID.
Passwords expire in 90 days.
The history limit for passwords is 13.
The number of failure attempts before users are locked out of the Varicent Incentives Admin Portal is five.
These rules cannot be changed by end users.
Click Save.
Editing existing admin users
You can edit existing details and permissions for admin users, adjust their model assignments, and ensure you configure role settings accurately. This editing ability allows for precise control over user roles and permissions within different models, catering to varied access needs. If necessary, you can also reassign or unassign users from specific models.
From the admin panel, click the model drop-down.
Click Tenant settings.
Click the Admin users tab.
From the Overview tab, go to the Manage admins table and click the More options menu (...) next to the admin user that you want to edit.
Click Edit user.
Edit the admin's First name, Last name, and Email as required.
Note
Users with All tenant permissions can edit any user’s first name, last name, or email address without restrictions.
Users with Access permissions only can edit another user’s first and last name only if that user does not have All tenant permissions. This applies regardless of model assignments or whether the user has the Administrator role.
Edit the admin's SAML 2.0 integration details as required.
Note
You can edit a user’s SAML2.0 Integration if you have All tenant permissions, or if you have Access permissions only, and the user you're editing has lower permissions.
Edit the admin's password as required.
Note
You can edit an admin's password only if the logged-in user has All tenant permissions.
Edit the user's tenant permissions as required.
Note
You cannot modify your own user settings unless you have All tenant permissions. If you switch to a different user permission, you won't be able to change it back yourself. This setting is fixed.
To learn more about permissions, read: Tenant permissions.
Turn the Lock admin toggle on to lock the admin user.
Read Locking admin users to learn more about locking users.
Under Model assignment, click Assign admin to model, and select one or more models to which you want to add the existing admin user.
Note
A user with All tenant permissions and Access permissions only can assign or unassign other users only to the models where they also hold the Administrator role.
For example, if they're assigned to Model A and Model B but are an admin only in Model A, they can assign or unassign users only in Model A.
Tenant permission
User role in a model
Can assign or unassign users to models?
All tenant permissions
Administrator
Yes
All tenant permissions
Any generated user role
No
Access permissions only
Administrator
Yes
Access permissions only
Any generated user role
No
View permissions only
Administrator
No
View permissions only
Any generated user role
No
Under Model assignment, click the
icon next to the model name to unassign the user from the selected model.Note
By unassigning a user, you revoke the user's role as an administrator within that specific model. However, the user still remains part of the tenant.
To learn more, read Unassigning an admin user from a model.
Click the Select user role dropdown of the required model, and edit the role that defines this user's access and actions within the selected model.
Note
If the user is assigned to more than one model, check roles against models individually to edit appropriate access.
For example, if John is linked to Model X and Model Y, and he is assigned an admin role in Model X for full access but only has a custom Role A in Model Y for limited actions, make sure these roles are set correctly for each.
You can define and adjust these roles in the Roles permissions page in Model settings. Here, you can decide what actions each role can perform, such as if the user can edit, view, or delete Presenter Adaptive reports, or modify calculations in the Composer module. When you create a new role in the Roles permissions page, it becomes available in the Select user role dropdown for easy assignment.
Click Save.
Unassigning an admin user from a model
An administrative user can be unassigned from a specific model they are currently associated with. This disconnects the admin user from the selected model on the tenant. By unassigning them, you will revoke their administrative privileges specific to the model, while still retaining them as part of the tenant.
Note
Users that are not assigned to any model do not count towards your usage limit.
Difference between unassigning vs deleting a user
Unassigning an administrative user removes their association with a specific model within a tenant. This action revokes the user's role as an administrator for the selected model. However, the user remains part of the tenant and retains associations with any other models they are assigned to.
For example, you have an admin user who manages models A and B within a tenant. If their responsibilities change and they no longer need administrative access to Model A, they can be unassigned from Model A. Removing the user from Model A ensures they can't make changes or access administrative functionalities within Model A, but they can continue to manage Model B within the tenant.
Deleting an administrative user entirely removes them from the tenant and all associated models. This action is irreversible and means the user will no longer have any access or roles within the tenant. You can typically use deletion when a user leaves the organization or their role become obsolete.
To learn more, read: Deleting an admin user.
To unassign an admin user:
From the admin panel, click the model options drop-down.
Click Tenant settings.
Click the Admin users tab.
From the Overview tab, go to the Manage admins table and click the More options menu (...) next to the admin user that you want to unassign.
Click Edit user.
Under Model assignment, click the
icon next to the model name to unassign the user from the selected model.Click Save.
Locking admin users
Locking a user is a preventative measure that temporarily restricts a user from logging into Varicent Incentives . This feature is particularly useful in scenarios where you suspect unauthorized access or as a response to security breaches. Only users with designated user permissions have the authority to execute this action. Once a user is locked, they remain unable to access their account until an admin unlocks them.
Note
An admin can lock or unlock another user if they have All tenant permissions, or if they have Access permissions only and the user they’re trying to edit does not have All tenant permissions. In other words, users with Access permissions only can only lock or unlock others with access or view permissions.
To learn more, read: Tenant permissions.
From the admin panel, click the model options drop-down.
Click Tenant Settings.
Click the Admin users tab.
Click the Overview tab.
From the Manage admins table, click the More options menu (...) of the admin user that you want to lock.
Or
From the Manage admins table, click the More options menu (...) of the admin user, and click Edit admin.
Click Lock admin.
In the confirmation window, click Lock admin.
A lock icon displays next to the user name in the admin users table.
To unlock a user, read Unlocking admin users.
Unlocking admin users
Unlocking a user restores their access to Varicent Varicent Incentives . If a user gets locked out, it could be due to multiple failed login attempts with incorrect passwords or because an admin has manually locked their account. By unlocking a user, you grant them the ability to log in once again. To learn about how to lock a user, read: Locking admin users.
Note
You need to have certain user permissions to be able to unlock a user.
Read Tenant permissions to learn more.
From the admin panel, click the model options drop-down.
Click Tenant settings.
From the Admin users tab.
From the Overview tab, go to the Manage admins table and click the More options menu (...) next to the admin user that you want to unlock.
Click Unlock admin.
In the confirmation window, click Unlock admin.
Deleting an admin user
Deleting an administrative user entirely removes them from the tenant and all associated models. This action permanently removes the user's access and roles within the tenant. This feature is particularly useful in scenarios where a user leaves the organization or their role becomes obsolete.
For example, you have an admin user who is no longer part of the organization. To ensure you are up to date on security and compliance, delete their account, removing their ability to access any models or perform any administrative functions within the tenant. This ensures that no unauthorized access can occur from that user's account.
The ability to delete other admin users is restricted for certain user roles and tenant permissions. The table below details these limitations for each tenant permission:
Note
A restricted model is one that a user cannot access because they are not assigned to it. When users are assigned to different models within the same tenant, they cannot see the names of models assigned to others; those models are labeled as Restricted model(s) instead.
Tenant permission | User role | Target user type | Can delete user? |
|---|---|---|---|
All tenant permissions | Any generated user role | No model assigned | Yes |
All tenant permissions | Any generated user role | Same model | No |
All tenant permissions | Any generated user role | Restricted model(s) | No |
All tenant permissions | Admin | Any | Yes |
Access permissions only | Admin | No model assigned | Yes |
Access permissions only | Admin | Same model | Yes |
Access permissions only | Admin | Restricted model(s) | No |
Access permissions only | Admin | No model assigned | Yes |
Access permissions only | Any generated user role | Same model | No |
Access permissions only | Any generated user role | Restricted model(s) | No |
View permissions only | Admin | Any | No |
View permissions only | Any generated user role | Any | No |
To delete an admin user:
From the admin panel, click the model options drop-down.
Click Tenant settings.
Click the Admin users tab.
From the Overview tab, go to the Manage admins table and click the More options menu (...) next to the admin user that you want to unlock.
Click Delete admin.
Click Delete from the confirmation dialog box to permanently delete the admin user from all their associated models.
Monitoring admin user history
Monitoring admin user history provides insights into using and managing administrative privileges across different models within your tenant. By accessing and analyzing historical data, you can better understand the trends and patterns in admin usage.
To keep an eye on how admin users have been doing over time, you can get a summary of their past activity by following a few easy steps:
From the admin panel, click the model options drop-down.
Click Tenant settings.
Click the Admin users tab.
Click the Overview tab.
On the Overview tab, you'll find the Assigned administrator history graph, which provides a clear, monthly overview of the number of administrative users assigned to various models in the Varicent Incentives admin client. These users are responsible for managing at least one of the models within the same admin client.
To learn more about Assigned admins and their types, read: Understanding your entitlement usage.
For a broader view, select the drop-down menu on the graph to see your administrative usage yearly. This data helps in assessing long-term trends.
Tracking admin user activity
Use the Activity tab on the Admin users page to closely monitor the actions of administrative users within your system. This Activity tab provides insights into user events such as logins and logouts, allowing you to view the activity log, apply filters to the displayed events, and export the data to a .CSV file for offline analysis.
Note
You can choose to redirect Admin user's Activity tab to Audit page instead. Reach out to our support team to enable this.
Once this feature is activated, the Activity tab on the Admin users page will no longer be available.
To view the admin user's activity:
From the admin panel, click the model options drop-down.
Click Tenant settings.
Click the Admin users tab.
Click the Activity tab.
You can view the following admin details:
Date/Time: Displays the exact date and time of each recorded event.
Username: Indicates the user who performed the action.
Event: Describes the specific activity or action taken by the user.
Success: Signifies whether the event was successfully completed.
Error: Details any errors encountered during the event.
The following events can be found in the activity tab if the event has been actioned.
User Login: Records when a user logs into the system.
SSO User Login: Tracks logins through Single Sign-On.
User Logout: Captures when a user logs out of the system.
SSO User Logout: Records logouts performed via Single Sign-On.
User changed their password: Indicates a user has updated their password.
User reset their password: Records when a user resets their password.
User requested a password reset: Marks instances of password reset requests.
User added to models: Shows when a user is added to specific models.
User was removed from models: Records removals of a user from models.
User was deleted from models: Captures deletions of a user.
User created: Logs the creation of a new user account.
User was created in models: Details of a new user account when created within specific models.
License usage acknowledgment: Records when a user acknowledges that their admin license, payee license, or import record usage has reached 85%, 95%, or exceeded its limit.
To download a copy of the activity log, read: Downloading admin users activity log.
Downloading admin users activity log
Exporting the admin users' activity log is a convenient way to archive or analyze this data offline. By downloading the log as a .CSV file, you can capture a detailed account of all admin users' activities. The flexibility of the activity log gives you an opportunity to review and manage user interactions over time.
Use the following steps to download the complete activity log of all administrative users:
From the admin panel, click the model options drop-down.
Click Tenant Settings.
Click the Admin users tab.
Click the Activity tab.
(Optional) Specify a date range to download user activity for the specified time period.
Click Export.
A .CSV file downloads to your local Downloads folder.
Managing disconnected admins
Disconnected admins are admin users that exist in a model but not in the tenant. They do not count towards your usage limit.
The system removes any users you identify as Disconnected from the admin user list and relocates them to a different section. For example, if you moved from an on-premise setup to the cloud, some admins might not have transferred correctly and become disconnected. You can delete them or contact the support team to reactivate them.
View disconnected admins:
From the admin panel, click the model drop-down.
Click Tenant Settings.
Click the Admin users tab.
Click the Disconnected admins tab.
Delete disconnected admins:
If you delete an admin who manages user accounts, that admin permanently loses access to all related tasks and cannot be recovered.
Note
Once an admin is deleted, they cannot be restored.
From the admin panel, click the model drop-down.
Click Tenant Settings.
Click the Admin users tab.
Click the Disconnected admins tab.
Click the More options menu (...) of the disconnected admin user you want to delete.
Click Delete admin.
Restore disconnected admins:
From the admin panel, click the model drop-down.
Click Tenant Settings.
Click the Admin users tab.
Click the Disconnected admins tab.
Click Contact Support.
Fill out the required information in the form and submit your case. Our support team will respond to help resolve your issue.
Tracking payee users
The Payee users tab allows you to track the number of payee users on your tenant and its models. It displays all current and historical usage for all payee users registered in the current model of your environment.
Note
When you log in to the Payee users screen for the first time, all your payees are flagged as Standard and Active. Start Mapping payee data to accurately track and display all payee information.
Note
Your tenant will only show the total license usage for all models. You won't be able to track usage for each individual model.
Payee types
You can select whether the payee is categorized as ‘Standard’ or ‘Non-standard’ in the System Effective Dated Payee table in Incentives:
Standard payees
Standard payees are individuals who regularly participate in one or more compensation programs. They are:
Managed or tracked using Varicent Incentives.
Participate consistently in compensation programs.
Counted as Standard in the System Effective Dated Payee table within Varicent Incentives.
Considered Active if they are included in Varicent Incentives tables with calculation capabilities.
Example: A salesperson who regularly receives commission-based pay for meeting sales targets.
Non-standard payees
Non-standard payees participate in compensation programs less frequently or in a specialized manner. They are:
Managed with special Varicent Incentives calculations, often not continuous.
Participate as payees who may operate based on fixed timelines, specific management objectives, or irregular participation.
Counted as Non-standard in the System Effective Dated Payee table within Varicent Incentives.
Considered Active if listed in Varicent Incentives tables for non-standard purposes.
A non-transactional payee who participates in compensation programs not driven by standard transactions.
Example: A consultant who might earn a performance bonus based on achieving specific project milestones.
Payee status
You can select whether the payee’s status in this environment is set to ‘Active’ or ‘Inactive’ in the System Effective Dated Payee table in Incentives. The status of a payee determines their eligibility and participation level:
Active payees: Employees or participants currently involved in programs, tracked for performance-based compensation.
Inactive payees: Individuals not currently part of any compensation programs, typically former employees or temporarily inactive members. These payees do not count towards your total Standard and Non-standard payee count.
Note
Inactive payee limits apply only if the customer has purchased specific subscriptions for managing inactive users.
License and usage scenarios
Licensing, in this context, refers to the number of payees - both Standard and Non-standard - that you are allowed to manage across different scenarios within the system. Below is a simplified overview:
Scenario | Type | Status | License requirement |
|---|---|---|---|
Standard and Active | Standard | Active | License is required; limited by license count. |
Non-standard and Active | Non-standard | Active | License is required; limited by license count. |
Inactive (Special cases) | Any | Inactive | No limit unless you purchase an Inactive Payee license. |
Example:
Imagine a company using Varicent Incentives to manage payees. They have:
200 Standard Active payees: Regular employees actively participating.
50 Non-standard Active payees: Employees part of special bonus programs.
30 Inactive payees: Not currently in employment, and they decide whether to track them by purchasing an additional license.
The company must ensure its license includes all Standard Active and Non-standard Active payees. Tracking Inactive payees may require an additional license.
Monitoring payee users history
Monitoring admin user history provides insights into using and managing administrative privileges across different models within your tenant. By accessing and analyzing historical data, you can better understand the trends and patterns in admin usage.
From the admin panel, click the model drop-down.
Click Tenant settings.
From the Payee users tab, click History.
Mapping payee data
Incentives has introduced the PayeeEffectiveDatedInfo_ system table to manage all your effective dated payee information, allowing you to track your payee information data accurately and transparently.
The Payee data mapping tool allows you to map and preview your existing custom table containing your model's effective dated payee information to the PayeeEffectiveDatedInfo_ System table.
Mapping these tables will save you the time to write a SQL query to join these tables. Scheduling the mapped data import will keep your payee data updated at all times, so you don't have to run a new query every time you update your table.
Note
Mapping payee data is required to enable the Payee users tab with accurate data.
Enabling mapping data permissions
You can only map payee data once you have Entitlements enabled in Model settings
From the admin panel, click on Model settings
.Select User and permissions -> Role permissions.
Enable Map payee data checkbox from Entitlements.
Payee usage data mapping
Connect your custom table to PayeeEffectiveDatedInfo_ System table and enable the payee usage feature in the Entitlements usage tool.
From the Admin panel, click the model options drop-down, and select Tenant settings.
From the Payee users page, select Payee data mapping tab.
Select a Source table to import into the PayeeEffectiveDatedInfo_ table.
Click Match fields.
Select source file fields to match to the destination PayeeEffectiveDatedInfo_ table.
Payee ID
Select a column that will specify payee's ID.
Payee type
Select a column that will specify whether the payee is categorized as Standard or Non-standard in the PayeeEffectiveDatedInfo_ System table.
Payee status
Select a column that will specify whether the payee is categorized as Active or Inactive in the PayeeEffectiveDatedInfo_ System table.
Effective start
Select the date column that you want to use as the Effective_Start date for the table.
Effective end
Select the date column that you want to use as the Effective_End date for the table.
Click Transform fields.
Convert the values in your matched columns to map to the values in Payee Type, and click Next.
If you haven't mapped the Payee type column or have added a new value in the column, all records will be automatically flagged as Standard unless otherwise stated.
If you have a Payee Type column, you will need to match the values in that column to Standard or Non-standard.
Convert the values in your matched columns to map to the values in Payee Status.
If you haven't mapped the Payee status column or have added a new value in the column, all records will be automatically flagged as Active unless otherwise stated.
If you have a Payee Status column, you will need to match the values in that column to Active or Inactive.
Click View results to preview and name your import.
Click Save and run to run the import.
Note
If a global action is in progress, we won't be able to start running your import, but we can save your configuration for later.
You can track your import's progress in the Activity module. On successful import, you can schedule your import in the Scheduler module.
Note
If you don't schedule your import, any changes made to your payee data will not be updated. Make sure that the saved import aligns with your import schedule.
If you wish to edit your mapped import:
From the Admin panel, click the model options drop-down, and select Tenant settings.
From the Payee users page, select Payee data mapping tab.
Click Manage mapping.
Traverse through the mapping steps to edit required fields.
Tracking import records
The Import records page tracks your monthly data volume usage. It specifically measures new data rows imported or processed by Incentives via external imports into production models.
Note
If you purge data rows and re-import them, the system considers them new and counts them toward your usage limit.
To access the Import records page:
From the admin panel, click the model options drop-down and select Tenant settings.
Click the Import records page.
The Import records page is divided into the following two sections:
Overview tab:
Import usage limit overview
This part provides a concise view of your total data volume usage for the current month. It only accounts for new data rows processed, and any re-imported data rows are considered as new.
New data row imports for the current month
Counted towards monthly usage limit: Displays details of newly imported data rows that count against your current month's data volume limit.
Not counted towards monthly usage limit: Indicates updated rows that do not impact your data volume limit.
Total rows imported: Summarizes the total number of data rows imported within the month.
Usage over time
A bar graph segmented by models offers a visual representation of data volume trends and patterns in data imports over time. Click on a segment on the graph to see more details on the Import records Activity tab.
Activity tab:
This section offers a breakdown of logs and activities associated with your imports.
Read Tracking import usage activity to learn more about this section.
Entitlements FAQs
This section will provide answers to frequently asked questions regarding the entitlements feature.
See this article for information on how to enable entitlements.
Questions
Where does the Assigned Administrator number come from?
The logic for counting assigned administrators looks at how many users are granted access to one or more models in the tenant.
The following email addresses are excluded:
Domains: @varicent.com or @ibm.com.
Partner email addresses during the implementation period.
Partner emails are identified by a partner tag in Salesforce.
Implementation status is sourced from the Status field in Salesforce for each customer.
Summary of the logic
Remaining admins with access to models contribute to the assigned admin usage.
Admins who have access to the tenant but are not granted access to models contribute to the unassigned admin usage.
The Admin user page shows
Users with access to the tenant who are not assigned to any model.
Users assigned to one or more models.
The History tab tracks aggregate entitlements (admin/payee/import records) and updates daily.
How do we calculate Import records?
Import entitlements are calculated once daily.
Only imports into Production models (not non-production models) are counted towards entitlements.
Only added records (not updated records) are counted towards entitlements.
We do not count intra-model imports towards entitlements.
Why are you not seeing anything in the Import records usage screens?
This might occur if none of the imports were done into a production-tagged model.
How does the system differentiate between inserts and updates?
The system uses a built-in SQL comparison to check if each row already exists in the table.
If the row exists, it is counted as a modified row.
If the row does not exist, it is counted as a new row.
This process tracks whether rows are new or updated for Entitlements.
How is Payee usage calculated?
Payee usage is calculated using the system’s Payee Effective Dated Info (PEDI) table.
A check is performed to ensure this table is in a production-tagged model.
Once mapped, users can map payee types and statuses to system values:
Standard
Non-Standard
Active: Counted towards payee usage limits
Inactive: Not counted towards payee usage limits
Any payees in the Payee_ table but not in the PEDI table are considered Standard Type and Active Type users.
The system tracks payees and reflects them under sections: Standard, Non-Standard, Active, Inactive.