To view this content in our official product documentation, click here.
Introduction
This page details roles and permissions for key areas of the Patchworks platform. User accounts can be associated with one of four possible roles:
- Administrator
- Manager
- User
- Read-only
The tables below summarise dashboard access by role. It's important to be aware that available features are determined by your core subscription tier. So, although a user's role might be associated with permissions to access a given feature, that feature is only available if it's included in the active subscription tier - think of it as 'tier trumps role'. For example:
- Bob is assigned the
managerrole - By default, the
managerrole has required permissions to create and update custom scripts - Bob's company is associated with a
standardsubscription tier, which permits read-only access to existing custom scripts and other advanced features - Bob can view any existing custom scripts (for example, that have been installed via blueprints), but he cannot make any changes and he cannot create his own scripts
- Jack is assigned the
managerrole - By default, the
managerrole has required permissions to create and update custom scripts - Jack's company is associated with a
professionalsubscription tier, which permits full access to custom scripts and other advanced features - Jack can view, create and update custom scripts as needed
All permissions refer to **entities** **associated with your own company profile**. If you manage multiple company profiles, please see our Multi-company profiles section for more information.
Roles determine access to create/read/update/delete functionality. There is nothing in the setup or execution of process flows that's tied explicitly to a user. For example, when a connector is authenticated, we don't check anything about who created it.
How are roles assigned to users?
When someone registers for a Patchworks account, they are assigned to the administrator role, automatically. This user can go on to create additional users and/or assign roles to other users as needed.
Typically, there is one administrator for each organisation. If you require more than one user with this role, please raise a support request.
Roles & permissions summary
The tables below summarise access by role for key tasks within the Patchworks dashboard:
- Company permissions
- Company users
- Linked companies
- Marketplace
- Private marketplaces
- Connectors
- Connector instances
- Process flows
- Virtual environments
- Run logs
- General settings
- Custom scripts
- Cross-reference lookups
- Caches
- Patchworks API
Company profile
Company permissions refer to features that are available from settings > my company profile.
| Task | Allowed roles |
|---|---|
| View company profile | administrator, manager, user, read-only |
| Update company profile name | administrator |
| Update company profile contact information | administrator, manager |
| Add & manage banner messages | administrator |
| Delete company profile | administrator |
Company admin
Company admin refers to features that are available from settings > company admin.
| Task | Allowed roles |
|---|---|
| View/access company admin options | administrator |
| SSO setup | administrator |
Company users
Company user permissions refer to features that are available from settings > my company profile > extra > users.
| Task | Allowed roles |
|---|---|
| View company users | administrator, manager, user, read-only |
| Search company users | administrator, manager, user, read-only |
Create company user with an administrator role |
patchworks support |
Create a company user with a manager role |
administrator |
Create a company user with a user or read-only role |
administrator, manager |
| Update details for an existing company user (all roles) | administrator, manager |
Elevate an existing read-only account to a user role |
administrator, manager |
Elevate an existing user or read-only account to a manager role |
administrator |
Elevate an existing user, read-only or manager account to an administrator role |
patchworks support |
Demote an existing manager account to a user or read-only role |
administrator, manager |
Demote another administrator account to a manager, user or read-only role |
patchworks support |
| Trigger password reset password for a company user | administrator, manager |
| Update own user details | administrator, manager |
| Elevate or reduce own role | none |
| Enable/disable own MFA | administrator, manager, user, read-only |
| Delete company user | administrator, manager |
| Restore company user | administrator, manager |
| Delete own user profile | administrator, manager |
Company insights
Company insights refers to your account summary company insights page.
| Task | Allowed roles |
|---|---|
| View company insights | administrator, manager, user, read-only |
Linked companies
Permissions in this section are only relevant if you use Patchworks to manage multiple companies - i.e. you have a multi-company profile with one or more linked companies.
| Task | Allowed roles |
|---|---|
| Linked companies | |
| Adding & linking a new company to your multi-company profile | patchworks support, administrator |
| Switch in & out of linked companies | administrator, manager |
| Update subscriptions for linked companies | patchworks support, administrator |
| View linked companies for your multi-company profile | administrator, manager |
| Un-linking a company from your multi-company profile | patchworks support |
| Team members | |
| View team members for own company | administrator, manager, user, read-only |
| Create new team member to manage a linked company | administrator |
| Assign user roles for an existing team member | administrator, manager |
| View team members who manage a linked company | administrator, manager |
| Grant & revoke access for team members to manage a linked company | administrator, manager |
| Trigger a password reset for an existing team member | administrator, manager |
| Removing a team member account | administrator, manager |
| 'Native' company users | |
| View 'native' users for a linked company | administrator, manager |
| Create a new 'native' user for a linked company | administrator, manager |
| Assign user roles for an existing 'native' company user | administrator, manager |
| Trigger a password reset for an existing 'native' company user | administrator, manager |
| Remove a 'native' linked company user from their company profile | administrator, manager |
Marketplace
Marketplace permissions refer to features that are available from the marketplace page.
| Task | Allowed roles |
|---|---|
| Install marketplace blueprints | administrator, manager |
| Build blueprints | administrator |
| Browse & view marketplace connectors | administrator, manager, user, read-only |
| Install marketplace connectors | administrator, manager |
| Update marketplace connectors | administrator, manager |
| Browse & view marketplace process flows | administrator, manager, user, read-only |
| Install marketplace process flows | administrator, manager |
| Browse marketplace scripts | administrator, manager, user, read-only |
| Preview script from scripts list | administrator, manager, user, read-only |
| Install marketplace scripts | administrator, manager |
Private marketplaces
Private marketplace permissions refer to features available to work with private marketplace resources.
| Task | Allowed roles |
|---|---|
| View private marketplace | administrator, manager, user, read-only |
| Install resources (blueprints, connectors, process flows, scripts, cross-reference lookups) | administrator, manager |
| Upload resources (blueprints, connectors, process flows, scripts, cross-reference lookups) | administrator |
Private blueprints
Blueprint permissions refer to features that are available from the private marketplace, and the blueprint installs page.
| Task | Allowed roles |
|---|---|
| View private blueprints | administrator, manager, user, read-only |
| Build a private blueprint | administrator, manager |
| Update a private blueprint | administrator, manager |
| Bulk update blueprint installations | administrator, manager |
| Manually accept a blueprint update | administrator, manager |
| Delete a blueprint | administrator, manager |
Connectors
Connector permissions refer to features that are available from the my connectors page.
| Task | Allowed roles |
|---|---|
| Browse installed connectors | administrator, manager, user, read-only |
| View installed connector settings | administrator, manager |
| Update installed connector settings | administrator, manager |
| Delete installed connectors | administrator, manager |
Connector instances
Connector instance permissions refer to features that are available from the my connectors page.
| Task | Allowed roles |
|---|---|
| View connector instances | administrator, manager, user, read-only |
| View connector instance settings | administrator, manager, user, read-only |
| Update connector instance settings | administrator, manager |
| Delete connector instances | administrator, manager |
Process flows
Process flow permissions refer to features that are available from the process flows page.
| Task | Allowed roles |
|---|---|
| View process flow list | administrator, manager, user, read-only |
| View canvas content for existing process flows | administrator, manager, user, read-only |
| Create process flows (add/update/remove shapes) | administrator, manager |
| Update process flows (add/update/remove shapes) | administrator, manager |
| Create cache (cache shape settings) | administrator, manager |
| Create data pool (de-dupe shape settings) | administrator, manager |
| Delete process flows | administrator, manager |
| Run process flow manually | administrator, manager |
| Enable & deploy process flows (process flow settings) | administrator, manager |
| Apply/remove labels (process flow settings) | administrator, manager |
| Create labels (process flow settings) | administrator, manager |
| Apply/remove email failure groups (process flow settings) | administrator, manager |
| Add flow variables (process flow settings) | administrator, manager |
| Update flow variables (process flow settings) | administrator, manager |
| Remove flow variables (process flow settings) | administrator, manager |
| Duplicate process flow (process flow settings) | administrator, manager |
Virtual environments
Virtual environment permissions refer to features used to work with virtual environments.
| Task | Allowed roles |
|---|---|
| View virtual environments | administrator, manager, user, read-only |
| Create virtual environments | administrator, manager |
| Configure virtual environments | administrator, manager |
| Manage virtual environments | administrator, manager |
| View virtual environment packages | administrator, manager |
| Configure virtual environment packages | administrator, manager |
| Manage virtual environment packages | administrator, manager |
Run logs
Run logs permissions refer to features that are available from the run logs page.
| Task | Allowed roles |
|---|---|
| View run logs list | administrator, manager, user, read-only |
| View run logs | administrator, manager, user, read-only |
| View run logs (classic) | administrator, manager, user, read-only |
| View run log details | administrator, manager, user, read-only |
| Download run logs | administrator, manager |
| View run log payloads | administrator, manager, user, read-only |
| Download run log payloads | administrator, manager |
| Stop process flow | administrator, manager |
General settings
General settings permissions refer to features that are available from the settings page.
| Task | Allowed roles |
|---|---|
| Manage own account settings | administrator, manager |
| View notification groups | administrator, manager, user, read-only |
| Add & manage notification groups | administrator, manager |
| View audit logs | administrator, manager, user, read-only |
| Search audit logs | administrator, manager, user, read-only |
| View labels | administrator, manager |
| Add & manage labels | administrator, manager |
| View data pools | administrator, manager, user, read-only |
| Add & manage data pools | administrator, manager |
| View usage alerts | administrator, manager, user, read-only |
| Add & manage usage alerts | administrator, manager |
For **my company** profile permissions, see company permissions and company users.
Custom scripts
Custom script permissions refer to features that are available from the scripts page.
| Task | Allowed roles |
|---|---|
| View custom scripts list | administrator, manager, user, read-only |
| View custom script details | administrator, manager, user, read-only |
| Create custom scripts | administrator, manager |
| Update custom scripts | administrator, manager |
| Delete custom scripts | administrator, manager |
Cross-reference lookups
Cross-reference lookup permissions refer to features that are available from the cross-reference lookups page.
| Task | Allowed roles |
|---|---|
| View installed cross-reference lookups | administrator, manager, user, read-only |
| Search installed cross-reference lookups | administrator, manager, user, read-only |
| View cross-reference lookup values | administrator, manager |
| Add & manage cross-reference values | administrator, manager |
| Delete cross-reference lookups | administrator, manager |
Caches
Cache permissions refer to features that are available from the data caches page.
| Task | Allowed roles |
|---|---|
| View existing cache lists | administrator, manager, user, read-only |
| Search existing caches | administrator, manager, user, read-only |
| View existing cache details | administrator, manager, user, read-only |
| Update existing cache details | administrator, manager |
| View existing cache contents | administrator, manager, user, read-only |
| Clear existing cache contents | administrator, manager |
| Delete caches | administrator, manager |
Patchworks API
| Task | Allowed roles |
|---|---|
| API access | administrator, manager, user, read-only |
| Generate & manage API keys | administrator, manager |
Comments
0 comments
Please sign in to leave a comment.