Roles & permissions summary
Introduction
This page details roles and permissions for key areas of the Patchworks platform. User accounts can be associated with one of four possible roles:
Administrator
Manager
User
Read-only
The tables below summarise dashboard access by role. It's important to be aware that available features are determined by your core subscription tier. So, although a user's role might be associated with permissions to access a given feature, that feature is only available if it's included in the active subscription tier - think of it as 'tier trumps role'. For example:
All permissions refer to entities associated with your own company profile. If you manage multiple company profiles, please see our Multi-company profiles section for more information.
How are roles assigned to users?
When someone registers for a Patchworks account, they are assigned to the administrator role, automatically. This user can go on to create additional users and/or assign roles to other users as needed.
Typically, there is one administrator for each organisation. If you require more than one user with this role, please raise a support request.
Roles & permissions summary
The tables below summarise access by role for key tasks within the Patchworks dashboard:
Company permissions
Company permissions refer to features that are available from settings > my company profile.
| Task | Allowed roles |
|---|---|
View company profile | administratormanageruserread-only |
Update company profile name | administrator |
Update company profile contact information | administratormanager |
Delete company profile | administrator |
Company users
Company user permissions refer to features that are available from settings > my company profile > extra > users.
| Task | Allowed roles |
|---|---|
View company users | administratormanageruserread-only |
Search company users | administratormanageruserread-only |
Create company user with an | patchworks support |
Create a company user with a | administrator |
Create a company user with a | administratormanager |
Update details for an existing company user (all roles) | administratormanager |
Elevate an existing | administratormanager |
Elevate an existing | administrator |
Elevate an existing | patchworks support |
Reduce an existing | administratormanager |
Reduce another | patchworks support |
Trigger password reset password for a company user | administratormanager |
Update own user details | administratormanager |
Elevate or reduce own role | none |
Enable/disable own MFA | administratormanageruserread-only |
Delete company user | administratormanager |
Delete own user profile | administratormanager |
Linked companies
Permissions in this section are only relevant if you use Patchworks to manage multiple companies - i.e. you have a multi-company profile with one or more linked companies.
| Task | Allowed roles |
|---|---|
Adding & linking a new company to your multi-company profile | patchworks support |
Switch in & out of linked companies | administratormanager |
View linked companies for your multi-company profile | administratormanager |
Un-linking a company from your multi-company profile | patchworks support |
View team members for own company | administratormanageruserread-only |
Create new team member to manage a linked company | administrator |
Assign user roles for an existing team member | administratormanager |
View team members who manage a linked company | administratormanager |
Grant & revoke access for team members to manage a linked company | administratormanager |
Trigger a password reset for an existing team member | administratormanager |
Removing a team member account | administratormanager |
View 'native' users for a linked company | administratormanager |
Create a new 'native' user for a linked company | administratormanager |
Assign user roles for an existing 'native' company user | administratormanager |
Trigger a password reset for an existing 'native' company user | administratormanager |
Remove a 'native' linked company user from their company profile | administratormanager |
Marketplace
Marketplace permissions refer to features that are available from the marketplace page.
| Task | Allowed roles |
|---|---|
Browse marketplace apps | administratormanageruserread-only |
Install marketplace apps | administratormanager |
Build apps | administrator |
Browse & view marketplace connectors | administratormanageruserread-only |
Install marketplace connectors | administratormanager |
Update marketplace connectors | administratormanager |
Browse & view marketplace process flows | administratormanageruserread-only |
Install marketplace process flows | administratormanager |
Browse marketplace scripts | administratormanageruserread-only |
Preview script from scripts list | administratormanageruserread-only |
Install marketplace scripts | administratormanager |
Private marketplaces
Private marketplace permissions refer to features that are available for users who manage linked companies via a multi-company profile.
| Task | Allowed roles |
|---|---|
View own or parent private marketplace | administratormanageruserread-only |
Download resources (apps, connectors, process flows, scripts, cross-reference lookups) | administratormanager |
Upload resources (apps, connectors, process flows, scripts, cross-reference lookups) | administrator |
Connectors
Connector permissions refer to features that are available from the my connectors page.
| Task | Allowed roles |
|---|---|
Browse installed connectors | administratormanageruserread-only |
View installed connector settings | administratormanager |
Update installed connector settings | administratormanager |
Delete installed connectors | administratormanager |
Connector instances
Connector instance permissions refer to features that are available from the my connectors page.
| Task | Allowed roles |
|---|---|
View connector instances | administratormanageruserread-only |
View connector instance settings | administratormanageruserread-only |
Update connector instance settings | administratormanager |
Delete connector instances | administratormanager |
Process flows
Process flow permissions refer to features that are available from the process flows page.
| Task | Allowed roles |
|---|---|
View process flow list | administratormanageruserread-only |
View canvas content for existing process flows | administratormanageruserread-only |
Create process flows (add/update/remove shapes) | administratormanager |
Update process flows (add/update/remove shapes) | administratormanager |
Create cache (cache shape settings) | administratormanager |
Create data pool (de-dupe shape settings) | administratormanager |
Delete process flows | administratormanager |
Run process flow manually | administratormanager |
Enable & deploy process flows (process flow settings) | administratormanager |
Apply/remove labels (process flow settings) | administratormanager |
Create labels (process flow settings) | administratormanager |
Apply/remove email failure groups (process flow settings) | administratormanager |
Add flow variables (process flow settings) | administratormanager |
Update flow variables (process flow settings) | administratormanager |
Remove flow variables (process flow settings) | administratormanager |
Duplicate process flow (process flow settings) | administratormanager |
Run logs
Run logs permissions refer to features that are available from the run logs page.
| Task | Allowed roles |
|---|---|
View run logs list | administratormanageruserread-only |
View run log summary | administratormanageruserread-only |
View run log details | administratormanageruserread-only |
View run log payloads | administratormanageruserread-only |
Stop process flow | administratormanager |
General settings
General settings permissions refer to features that are available from the settings page.
| Task | Allowed roles |
|---|---|
Manage own account settings | administratormanager |
View notification groups | administratormanageruserread-only |
Add & manage notification groups | administratormanager |
View audit logs | administratormanageruserread-only |
Search audit logs | administratormanageruserread-only |
View labels | administratormanager |
Add & manage labels | administratormanager |
View data pools | administratormanageruserread-only |
Add & manage data pools | administratormanager |
For my company profile permissions see company permissions and company users.
Custom scripts
Custom scripts permissions refer to features that are available from the scripts page.
| Task | Allowed roles |
|---|---|
View custom scripts list | administratormanageruserread-only |
View custom script details | administratormanageruserread-only |
Create custom scripts | administratormanager |
Update custom scripts | administratormanager |
Delete custom scripts | administratormanager |
Cross-reference lookups
Cross-reference lookup permissions refer to features that are available from the cross-reference lookups page.
| Task | Allowed roles |
|---|---|
View installed cross-reference lookups | administratormanageruserread-only |
Search installed cross-reference lookups | administratormanageruserread-only |
View cross-reference lookup values | administratormanager |
Add & manage cross-reference values | administratormanager |
Delete cross-reference lookups | administratormanager |
Caches
Cache permissions refer to features that are available from the data caches page.
| Task | Allowed roles |
|---|---|
View existing cache lists | administratormanageruserread-only |
Search existing caches | administratormanageruserread-only |
View existing cache details | administratormanageruserread-only |
Update existing cache details | administratormanager |
View existing cache contents | administratormanageruserread-only |
Clear existing cache contents | administratormanager |
Delete caches | administratormanager |
Inbound API
| Task | Allowed roles |
|---|---|
Obtain API token | administratormanageruserread-only |
Initialise process flow with payload | administratormanageruserread-only |
Last updated
