Manage groups and permissions
Create and manage user groups to control access permissions and streamline user selection across your workspace applications.
Group creation and management
Creating workspace groups
Workspace administrators can create necessary groups using the "Groups" app:
- Organizational structure - create groups that reflect your team or project structure
- Functional roles - establish groups based on job functions or responsibilities
- Project teams - create temporary groups for specific projects or initiatives
Group assignment
Assign workspace participants to appropriate groups:
- User categorization - organize users by role, department, or project
- Permission foundation - use groups as the basis for access control
- Flexible membership - allow users to belong to multiple groups as needed
Permission levels
Granular access control
Define permissions at multiple levels to ensure precise access control:
Per-app permissions
- Application access - control which users can access specific applications
- Feature restrictions - limit functionality within applications based on user groups
- Data visibility - determine what data users can see within each app
Per-record permissions
- Record-level access - control access to individual records within applications
- Ownership-based access - restrict access based on record ownership or assignment
- Collaborative access - allow shared access to records for team collaboration
Per-field permissions
- Field-level security - control access to specific fields within records
- Sensitive data protection - restrict access to confidential or sensitive information
- Edit permissions - determine which fields users can view vs. modify
Action-based permissions
Precondition configuration
Permissions for performing specific actions are defined in app configurations:
- Customizable rules - modify action permissions to match your team's workflow
- Group-based requirements - require users to be in specific groups to perform actions
- Example: Tasks app can require users to be in the "Supervisors" group to "Re-open" tasks
Workflow integration
- Process control - ensure only authorized users can perform critical actions
- Quality assurance - require approval or review for certain operations
- Compliance - enforce organizational policies through permission requirements
User selection restrictions
Field-level restrictions
Groups are used to restrict user selection in lookup fields:
- Targeted selection - limit user choices to relevant groups
- Role-based filtering - show only appropriate users for specific fields
- Example: "QA assignee" field could be restricted only to users in the "QA team" group
Benefits of restricted selection
- Improved accuracy - reduce errors by limiting choices to appropriate users
- Workflow efficiency - streamline user assignment processes
- Clear responsibilities - make it obvious which users are responsible for specific tasks
Best practices
Group design
- Clear purpose - define the specific purpose and scope of each group
- Logical organization - align groups with your organizational structure
- Regular review - periodically assess group membership and effectiveness
Permission strategy
- Principle of least privilege - grant only necessary permissions to each group
- Documentation - maintain clear records of group purposes and permissions
- Testing - verify permissions work as expected before deploying to production
Security considerations
- Access audits - regularly review group memberships and permissions
- Change management - implement processes for permission modifications
- Monitoring - track permission usage and identify potential issues
Effective group and permission management ensures users have appropriate access to perform their work while maintaining security and data integrity across your workspace.