Roles & permissions summary

Introduction

This page details roles and permissions for key areas of the Patchworks platform. User accounts can be associated with one of four possible roles:

  • Administrator

  • Manager

  • User

  • Read-only

The tables below summarise dashboard access by role. It's important to be aware that available features are determined by your core subscription tier. So, although a user's role might be associated with permissions to access a given feature, that feature is only available if it's included in the active subscription tier - think of it as 'tier trumps role'. For example:

All permissions refer to entities associated with your own company profile. If you manage multiple company profiles, please see our Multi-company profiles section for more information.

How are roles assigned to users?

When someone registers for a Patchworks account, they are assigned to the administrator role, automatically. This user can go on to create additional users and/or assign roles to other users as needed.

Typically, there is one administrator for each organisation. If you require more than one user with this role, please raise a support request.

Roles & permissions summary

The tables below summarise access by role for key tasks within the Patchworks dashboard:

Company permissions

Company permissions refer to features that are available from settings > my company profile.

TaskAllowed roles

View company profile

administratormanageruserread-only

Update company profile name

administrator

Update company profile contact information

administratormanager

Add & manage banner messages

administrator

Delete company profile

administrator

Company users

Company user permissions refer to features that are available from settings > my company profile > extra > users.

TaskAllowed roles

View company users

administratormanageruserread-only

Search company users

administratormanageruserread-only

Create company user with an administrator role

patchworks support

Create a company user with a manager role

administrator

Create a company user with a user or read-only role

administratormanager

Update details for an existing company user (all roles)

administratormanager

Elevate an existing read-only account to a user role

administratormanager

Elevate an existing user or read-only account to a manager role

administrator

Elevate an existing user, read-only or manager account to an administrator role

patchworks support

Reduce an existing manager account to a user or read-only role

administratormanager

Reduce another administrator account to a manager, user or read-only role

patchworks support

Trigger password reset password for a company user

administratormanager

Update own user details

administratormanager

Elevate or reduce own role

none

Enable/disable own MFA

administratormanageruserread-only

Delete company user

administratormanager

Delete own user profile

administratormanager

Linked companies

Permissions in this section are only relevant if you use Patchworks to manage multiple companies - i.e. you have a multi-company profile with one or more linked companies.

TaskAllowed roles

Adding & linking a new company to your multi-company profile

patchworks support

Switch in & out of linked companies

administratormanager

View linked companies for your multi-company profile

administratormanager

Un-linking a company from your multi-company profile

patchworks support

View team members for own company

administratormanageruserread-only

Create new team member to manage a linked company

administrator

Assign user roles for an existing team member

administratormanager

View team members who manage a linked company

administratormanager

Grant & revoke access for team members to manage a linked company

administratormanager

Trigger a password reset for an existing team member

administratormanager

Removing a team member account

administratormanager

View 'native' users for a linked company

administratormanager

Create a new 'native' user for a linked company

administratormanager

Assign user roles for an existing 'native' company user

administratormanager

Trigger a password reset for an existing 'native' company user

administratormanager

Remove a 'native' linked company user from their company profile

administratormanager

Marketplace

Marketplace permissions refer to features that are available from the marketplace page.

TaskAllowed roles

Browse marketplace apps

administratormanageruserread-only

Install marketplace apps

administratormanager

Build apps

administrator

Browse & view marketplace connectors

administratormanageruserread-only

Install marketplace connectors

administratormanager

Update marketplace connectors

administratormanager

Browse & view marketplace process flows

administratormanageruserread-only

Install marketplace process flows

administratormanager

Browse marketplace scripts

administratormanageruserread-only

Preview script from scripts list

administratormanageruserread-only

Install marketplace scripts

administratormanager

Private marketplaces

Private marketplace permissions refer to features that are available for users who manage linked companies via a multi-company profile.

TaskAllowed roles

View own or parent private marketplace

administratormanageruserread-only

Download resources (apps, connectors, process flows, scripts, cross-reference lookups)

administratormanager

Upload resources (apps, connectors, process flows, scripts, cross-reference lookups)

administrator

Connectors

Connector permissions refer to features that are available from the my connectors page.

TaskAllowed roles

Browse installed connectors

administratormanageruserread-only

View installed connector settings

administratormanager

Update installed connector settings

administratormanager

Delete installed connectors

administratormanager

Connector instances

Connector instance permissions refer to features that are available from the my connectors page.

TaskAllowed roles

View connector instances

administratormanageruserread-only

View connector instance settings

administratormanageruserread-only

Update connector instance settings

administratormanager

Delete connector instances

administratormanager

Process flows

Process flow permissions refer to features that are available from the process flows page.

TaskAllowed roles

View process flow list

administratormanageruserread-only

View canvas content for existing process flows

administratormanageruserread-only

Create process flows (add/update/remove shapes)

administratormanager

Update process flows (add/update/remove shapes)

administratormanager

Create cache (cache shape settings)

administratormanager

Create data pool (de-dupe shape settings)

administratormanager

Delete process flows

administratormanager

Run process flow manually

administratormanager

Enable & deploy process flows (process flow settings)

administratormanager

Apply/remove labels (process flow settings)

administratormanager

Create labels (process flow settings)

administratormanager

Apply/remove email failure groups (process flow settings)

administratormanager

Add flow variables (process flow settings)

administratormanager

Update flow variables (process flow settings)

administratormanager

Remove flow variables (process flow settings)

administratormanager

Duplicate process flow (process flow settings)

administratormanager

Run logs

Run logs permissions refer to features that are available from the run logs page.

TaskAllowed roles

View run logs list

administratormanageruserread-only

View run log summary

administratormanageruserread-only

View run log details

administratormanageruserread-only

View run log payloads

administratormanageruserread-only

Stop process flow

administratormanager

General settings

General settings permissions refer to features that are available from the settings page.

TaskAllowed roles

Manage own account settings

administratormanager

View notification groups

administratormanageruserread-only

Add & manage notification groups

administratormanager

View audit logs

administratormanageruserread-only

Search audit logs

administratormanageruserread-only

View labels

administratormanager

Add & manage labels

administratormanager

View data pools

administratormanageruserread-only

Add & manage data pools

administratormanager

For my company profile permissions see company permissions and company users.

Custom scripts

Custom scripts permissions refer to features that are available from the scripts page.

TaskAllowed roles

View custom scripts list

administratormanageruserread-only

View custom script details

administratormanageruserread-only

Create custom scripts

administratormanager

Update custom scripts

administratormanager

Delete custom scripts

administratormanager

Cross-reference lookups

Cross-reference lookup permissions refer to features that are available from the cross-reference lookups page.

TaskAllowed roles

View installed cross-reference lookups

administratormanageruserread-only

Search installed cross-reference lookups

administratormanageruserread-only

View cross-reference lookup values

administratormanager

Add & manage cross-reference values

administratormanager

Delete cross-reference lookups

administratormanager

Caches

Cache permissions refer to features that are available from the data caches page.

TaskAllowed roles

View existing cache lists

administratormanageruserread-only

Search existing caches

administratormanageruserread-only

View existing cache details

administratormanageruserread-only

Update existing cache details

administratormanager

View existing cache contents

administratormanageruserread-only

Clear existing cache contents

administratormanager

Delete caches

administratormanager

Inbound API

TaskAllowed roles

Obtain API token

administratormanageruserread-only

Initialise process flow with payload

administratormanageruserread-only

Last updated