Manage roles and permission levels


Roles can be created (1) in the Roles tab of your project settings:‌
To manage a role's permissions, click on it (2):
Creating more than 1 role is only available with the Starter plan or higher.
If your project was created before February 2021, please visit this page to learn how to enable this feature.
The above screenshot shows your role's details page. This is where you'll be managing all permissions which should apply to all the users assigned to this role.‌
Permissions are displayed in 2 sections:‌
    Smart action permissions
    Collection permissions

Smart action permissions

This section lets you to easily manage your smart action permissioins (for this role only). Click Show more (1) to display all permissions, or Edit permissions (2) to directly edit its smart action permissions.‌
    Trigger: Allow users assigned to this role to trigger this smart actions

Approval workflow permissions

If you are using our approval workflow feature, your approval permissions are also managed within roles.‌
The following options become available if you are on the Plus plan or above:‌
    Trigger with approval: Unlike Trigger, the smart action will not be executed unless manually approved
    Approve: Allow users assigned to this role to approve a trigger request
    Approve (self): Allow users assigned to this role to approve their own trigger request

Collection permissions

Collection permissions allow you to enable/disable the following collection-specific permissions:‌
    Read (list): access to the collection's table view data. Note that the collection must also be shown in the layout to be displayed.
    Read (details): access to the details view data of any record of this collection.
    Create: create a record of this collection (N.B: the "Duplicate" permissions is also managed by this permission)
    Update: update a record of this collection
    Delete: delete a record of this collection
    Export: export the list of records of this collection

Control environment access per role

From a role's details page, you can also :‌
    toggle which environments users assigned to this role have access to (1)
    select which environment you wish to view permissions of or edit them (2)
Only remote environments are available here, since development environments have all permissions‌

Export role permissions

At anytime you may export your user role permissions to a CSV file by clicking on Export user permissions from the Users tab:‌
It contains User information (1), Smart action name (2) and Collection name (3). Granted permissions (4) are as follows:‌
    empty: the user is not authorized to use that Smart action as part of that team
    Trigger: the user can trigger that Smart action
    If the approval workflow module is enabled:
      Request: the user can ask for an approval to trigger that Smart action
      Request/approve: the user can ask for an approval to trigger that Smart action and can approve requests of this Smart action except his own
      Request/approve(self): the user can ask for an approval to trigger that Smart action and can approve requests of this Smart action including his own

Permission level

The permission level of a user determines what Forest Admin administration permissions he has. You can assign one of the following permission levels per user:‌
Forest Admin permission level
Manage Data
Customize admin UI (activate layout editor)
Access project settings (environments only)
Access project settings (environments, teams, user roles)

Manage a user's role and permission level

You can change a user's role or permission level from their details page:‌
    Go to the Users tab of your Project settings
    Click on a user in the list
    Change the role and/or permission level assigned to that user
    Don't forget to save
Last modified 11d ago