Skip to main content

Setting Up Permissions

This guide shows you how to set up a robust permission structure for your organization.

Planning Your Permission Structure

Before creating groups, plan your roles:

RoleWhat They DoExample Groups
AdminsEverythingAdministrators
ManagersUser managementUser Managers
EditorsCreate and edit contentContent Editors
ViewersRead-onlyViewers

Creating Permission Groups

Step 1: Navigate to Groups

  1. Go to Groups in the main menu
  2. Click Create Group

Step 2: Define the Group

Fill in basic information:

  • Name: Clear, descriptive name (e.g., "Content Editors")
  • Slug: Auto-generated URL-friendly ID
  • Description: What this group is for and what they can do

Step 3: Assign Permissions

Add roles/permissions to the group:

  1. Click Add Role
  2. Select the Target (what resource):
    • Users
    • Groups
    • Content
    • Settings
  3. Choose Actions allowed:
    • ☐ Read
    • ☐ Create
    • ☐ Update
    • ☐ Delete
    • ☐ All (*)
  4. Click Add
  5. Repeat for additional permissions

Step 4: Review and Create

  1. Review all permissions
  2. Click Create Group
  3. Group is immediately available for user assignment

Common Permission Patterns

Administrators

Full access to everything:

  • Target: All
  • Actions: All (*)

Content Editors

Can create and edit, but not delete:

  • Target: Content
  • Actions: Read, Create, Update

User Managers

Can manage users but not company settings:

  • Target: Users → Read, Create, Update
  • Target: Groups → Read

Viewers

Read-only access:

  • Target: All
  • Actions: Read

Managing Groups

Editing a Group

  1. Go to Groups
  2. Click the group name
  3. Click Edit
  4. Modify permissions or details
  5. Click Save Changes

Viewing Group Members

To see who's in a group:

  1. Go to Groups
  2. Click the group name
  3. See Members tab
  4. View all users with this group

Deleting a Group

warning

Deleting a group removes those permissions from all users in the group.

  1. Go to Groups
  2. Select the group
  3. Click Delete
  4. Confirm the action

Best Practices

  1. Use descriptive names - "Content Editors" not "Group1"
  2. Start minimal - Give least privilege, add more as needed
  3. Document purposes - Use description field
  4. Regular reviews - Audit permissions quarterly
  5. Test with real users - Verify permissions work as expected

Next Steps

For Developers

Create groups via API: See Permissions API Guide.