Operations — Access matrix
Who has access to which tool, at what permission level.
Quick reference for tool provisioning across Lucyd CS + Wow24-7. If access is missing for any role-tool combination below, Alex provisions it.
Tool-by-tool access
| Role | Gorgias | Amazon Seller | Walmart Seller | TikTok Seller | Meta Biz Suite | Shopify | ShipStation | Intercom (legacy) | KB (help.lucyd.co/internal) |
|---|---|---|---|---|---|---|---|---|---|
| Wow24-7 Agent (Tier 1) | Full | Limited (Buyer-Seller msgs, scorecard view) | Limited (Messages, Orders, scorecard) | Limited (Inbox, Orders) | Full DM access | Read-only | Full | Existing (transitioning out) | Read |
| Wow24-7 Lead | Full | Limited + A-to-Z view | Limited + Safety Claim view | Full | Full | Read-only | Full | Existing | Read |
| Lucyd CS Ops Lead (Alex) | Admin | Admin | Admin | Admin | Admin | Read-only | Admin | Admin | Edit (CODEOWNERS for public/*) |
| COO (Joaquin) | View | Admin | Admin | Admin | Admin | Admin | View | View | Edit (CODEOWNERS for public/*) |
Provisioning notes
Gorgias
- New Wow24-7 agents are invited via the team admin console.
- Required scopes: tickets read/write, macros read, integrations view.
- Each agent should change their default signature to include their name.
Amazon Seller Central
- New agents added via Seller Central → Settings → User Permissions.
- Limit Wow24-7 to Buyer-Seller Messaging + Performance / Account Health view. Do NOT grant Inventory, Pricing, or Catalog edits.
- A-to-Z claim viewing is reserved for the Wow24-7 Lead role.
Walmart Seller Center
- Provisioned via Walmart Seller Center → Settings → User Management.
- Same model as Amazon — Wow24-7 sees Messages + Orders + Scorecard only.
TikTok Shop Seller Center
- Provisioned via TikTok Seller Center → Settings → User Permissions.
- Currently being rolled out. Reach out to Alex if access isn’t live yet.
Meta Business Suite
- Provisioned via Meta Business Suite → Settings → People.
- Wow24-7 gets DM access + Commerce Manager view.
- Do NOT grant Ads or Page Settings.
Shopify
- Wow24-7 access is read-only to orders, customers, and products.
- Wow24-7 agents create replacement orders (workflow in non-Rx replacements) — but no other write permissions.
ShipStation
- Existing Wow24-7 access from the legacy setup carries forward.
Cloudflare Access (help.lucyd.co/internal)
- Access policy allows: any
@lucyd.coemail + Wow24-7 corp domain (Bohdan confirms the exact domain — typically@wow24-7.io). - New Wow24-7 agents are added via the email domain match, not per-user.
Offboarding checklist
When a Wow24-7 agent rotates off the Lucyd account:
- Gorgias seat — Alex removes within 24 hours of notification
- Amazon Seller Central — Alex removes user
- Walmart Seller Center — Alex removes user
- TikTok Shop — Alex removes user
- Meta Business Suite — Alex removes user
- Shopify — Alex removes user
- ShipStation — Alex removes user
- CF Access — works automatically when their email is deactivated
Bohdan (Wow24-7 CSM) notifies Alex via #wow24-transition whenever an agent rotates.
Common access issues
- Wow24-7 agent can’t see a marketplace ticket in Gorgias. Check that the channel integration is configured for that marketplace.
- Agent can reply in Gorgias but not in Seller Central. They probably don’t have Seller Central provisioning yet. Escalate to Alex.
/internal/*redirects to a Cloudflare login page. That’s correct — their email needs to be on the allow-list.
See also: SYSTEMS — full tool reference · Wow24-7 onboarding
Last reviewed: 2026-05-26 Owner: alex