Permissions and roles
Open Permissions when you need to decide who can create protocols, manage clients, view statistics, or work with users. Each user has a role, and that role controls which parts of the app are available.
When to use this page
- When adding a new user in user management
- When a role needs more or less access than the default
- When a user cannot see a menu item or action they need
- When checking who can access sensitive data, settings, or activity
Note: Menu items and available actions are shown according to permissions set by the administrator.
Access
- 🖥️ Desktop: Click Permissions in the left panel.
- 📱 Mobile: Tap More in the bottom bar → Permissions.
Note: Permission management is available only to users who have access to it. An internet connection is required.
Roles and management scope
The matrix shows configurable roles. The protected full administrator has all permissions automatically and is not edited in the matrix.
| Role | Common use | What to check |
|---|---|---|
| Manager | Managing the team, clients, protocols, and settings | Whether it should also manage users, permissions, and statistics |
| Technician | Field work, creating protocols, and working with clients | Whether it sees only own protocols or broader data |
| Accountant | Overviews, protocols, and statistics without regular editing | Whether it needs to see activity or reporting records |
| Client | Access to the [[portal/client-portal | client portal]] |
Permission groups
Permissions are grouped so they are easier to find:
| Group | What you configure |
|---|---|
| Protocols | Creating, viewing, and deleting protocols |
| Clients | Viewing, creating, editing, and deleting clients |
| Protocol process | Saving a draft, submitting for review, sending, cancelling, or reopening |
| Reference data (Codebooks) | Access to materials, pests, work types, recommendations, and documents |
| Color tags | Viewing, creating, editing, deleting, and assigning [[codebooks/tags |
| Users | Viewing and managing user accounts |
| System and settings | Access to the app, settings, permissions, statistics, and activity |
| Client portal | Client access to own protocols, data, and portal invitations |
How to work with the matrix
On desktop, permissions are shown in a table. On mobile, each permission is shown as a card with the list of roles.
- Columns or role names show which role you are changing.
- The number next to a role shows how many users have that role. Clicking it opens a filtered user list.
- Each row is one permission.
- A checked box means the role has the permission.
- An empty box means the role does not have the permission.
- A dash means the permission is not shown for that role.
If a permission has an information icon, it opens an explanation panel. The panel can include Description, What it includes, Recommended for, and Related permissions.
Colors and unsaved changes
The legend above the matrix shows whether a permission is in its default state or was changed manually.
| Label | Meaning |
|---|---|
| Default | The permission is in its original state |
| Added | The role did not have this permission by default, but it was added |
| Removed | The role had this permission by default, but it was removed |
After the first change, Unsaved changes appears at the top.
Save and reset
- Adjust permissions in the matrix.
- Check which roles are affected.
- Click Save.
To discard custom changes and return roles to their default setup, use Reset to default and confirm the dialog.
Warning: Reset cannot be undone. Check that this is the correct change before confirming.
Practical use
- A technician needs to edit clients they created: in Clients, allow the relevant edit permission for Technician.
- An accountant needs to review changes in the app: in System and settings, allow activity viewing.
- A client should edit their contact details: in Client portal, allow contact detail editing.
Tip: Start with the default setup and add only the access that the role actually needs.
Frequently asked questions
Why do I not see the full administrator role in the matrix?
The full administrator is protected and has all permissions automatically. The matrix is used to edit configurable roles.
How do I check which permissions a specific user has?
Open Users, check the user role, and then review that role column or card in the permissions matrix.
What should I do when a user cannot see a feature?
Check the user role, the relevant permission group, and save the change. If the user is currently signed in, they may need to refresh the page or sign in again.