About role-based access
User access to features and data in a workspace is managed through a permissions model with multiple levels of access controlled roles. These are governed by a Workspace Administrator.
This detailed level of role-based access control allows users to operate specific features of the platform, subject to having been given specific permission to do so.
All platform users are registered with a default set of permissions at a workspace level, based on a standard set of roles, (Tenant Administrator, Workspace Administrator, Standard User, and Contributor). Further detail on each user role can be found in the relevant knowledge base articles in this section.
Role-based privileges
| Contributor | Standard User | Administrator | |
|---|---|---|---|
| Access/Manipulate Data | |||
| Create, collaborate and delete Files | |||
| Create, preview, publish, delete and run mini-apps | |||
| Install, run and delete software in the virtual desktop | |||
| Create notes, as well as edit and delete their own | |||
| Create comments, as well as edit and delete their own | |||
| View list of workspaces that they have been granted access to, and view associated members | |||
| Manage access to their workspace(s) | |||
| Access the audit of their workspace(s) | |||
| Workspace-to-workspace Airlock |
Note:
- Contributors have no access to the workspace via the UI.
- Workspace Administrators can invite members to, and remove them from, a workspace. They are responsible for ensuring that only appropriate individuals are invited to become members of their workspaces. Get more detail on how to assign user roles.