Join Corey Koberg for an in-depth discussion in this video Understanding permissions and security, part of Learning Google Tag Manager.
- [Instructor] And before we dive in and start creating and deploying containers to our site, it's worth taking a second to talk about permissions and security, as this is an extremely important topic. In the early days of tag management, some of the things that had marketers most excited about it, being able to bypass their IT team, was exactly what had the IT and security team in full freak out mode, and probably with good reason. As we discussed in the previous chapter, the GTM container is a way to automatically inject scripts into your page without having to actually embed those scripts into your HTML. And that's great for convenience, but it also means that anyone who has access permissions to do so can inject whatever scripts they want to into your site.
This is why it's so critical to be mindful of who you give that power to. Fortunately, GTM has some features built in that help make sure only authorized folks are able to publish code to your site. We're here in the overview. And if I click into a container here and then I go up into the Admin panel, we can get down to the User Management section. Now let's click into an individual user here. When creating a new user, you're going to need to provide the user's email address that's associated with their account, but this does not have to be a Gmail address.
In fact, you should try to use verified corporate addresses instead of personal Gmail accounts wherever possible. When you create this user, you're gonna be asked to set permissions for that user at both the account and the container level. You'll see individual permissions for each container here within that account. We have the Admin and the User level here. As a rule of thumb, it's always a safe idea to give a user the lowest permissions needed to conduct their work, as this protects your website from any accidental deployments. So as we said here, we have two of these available. We have User and Admin.
The key difference here is Admin level is going to allow the user to manipulate their own permissions on the container within, as well as add other users to the account. We're gonna give most people the User level here. Next we can select Container Permissions for each of these containers. Let's go through these one by one. First and simplest is No Access. This user will not see this container at all in the interface. If you add a user to the account but you don't give them access to any container, there will be quite a bit of confusion. So, make sure if you use this permission level, it's only when there are multiple containers within the account.
The next one, Read, gives the user visibility to the container but does not allow for any changes to be made. Edit allows a user to collaborate within the container and make updates to the tags, triggers, and variables. This type of user cannot create new versions or publish the container out to production. This level's helpful for individuals you want to be able to make tweaks to the configuration but not be responsible for finalization of the deployment. Approve is the next step above Edit. This user has not only the ability to update the tags, triggers, variables, but also create versions and workspaces for the users to modify.
We'll see a bit about this later. Generally, this role is for someone who has an expertise in GTM but not the final approval for those production launches. Last and important, you got a Publish access, which allows for this user to push any container out into production, to go live essentially. This is a critically important role, as it assumes if a container's being published into production that it has gone through due process in terms of quality assurance, all your security checks, all the things that you internally need to do. And this is how we control people who need to edit and be creating versus those who actually have the ability to hit the go live button.
You can also do this at the Google level, but this is an extra step here for publishing in GTM. User permissions are an important piece to consider when we embark on a GTM imitation, so it's important to get these squared away. And now it's time to dive in.
- Working with accounts and containers
- Installing a container on WordPress (CMS)
- Leveraging the Google Analytics built-in tags
- Working with variables
- Creating triggers
- Control versioning
- Debugging your tags
- Using custom HTML tags