Skip to main content

Application Roles and Permission Configuration


1. Types of Application Roles

In an application, there are system roles and custom roles. System roles have permissions to manage the app's structure, data, and users. Custom roles are limited to operations within their assigned data permissions.

Administrator

Administrators can manage all configurations and data within the application, except for deleting or locking the app (these actions are reserved for the App Owner only).

  • App Owner

    Among administrators, there is a special role called the App Owner, who is by default the creator of the app. Ownership can be transferred to another user. Each app can have only one owner. Only the App Owner can delete or lock the app. Other permissions are identical to those of an administrator.

The administrator role has fixed permissions. It cannot be modified or deleted.

Operator

Operators focus on data and user management but cannot modify app configurations. Their main permissions include:

  1. Managing Role Owners of custom roles

  2. Managing members under all custom roles

  3. Full access to data: view, edit, and delete all records

Note: Operators cannot copy, delete, or export the app and cannot manage users under system roles. Their permissions are fixed and can only be modified by adjusting role membership.

Developer

Developers focus on configuring the application. Key capabilities include:

  1. Configure navigation/groups, workflows, worksheets, custom pages, create/edit/delete user roles (including portal roles), and external portal settings (including domain configuration)

  2. For cross-app worksheet relationships, the user must be a Developer or Administrator in the referenced app

  3. Data permissions: view records they've joined, edit/delete only records they own

Note: Developers cannot copy, delete, or export the app. Their permissions are fixed and can only be modified by adjusting role membership.

If a user holds both the Operator and Developer roles, their permissions are equivalent to an Administrator—except for the inability to copy, export, or delete the app.

Refer to the final section of this document for a full permission breakdown.

Custom Roles

Administrators or Developers can create new roles and configure their members and permissions independently.

Role Owner

A Role Owner is a special member type within a custom role. Role Owners can manage the role's members, including adding/removing users and assigning other Role Owners.

  • Custom Roles

    Application administrators can create new roles and configure their permissions. By default, each new app includes two predefined custom roles: Member and Read-Only. Admins can reconfigure these roles or create additional ones as needed.

2. Create/Edit a Role

1. Create a Role

  1. Click the Create Role button. Enter the role’s name and description, then proceed to configure its permissions.

  2. Click Save at the bottom to complete the setup, or click Delete to cancel role creation.

This is how the role description appears to users:

2. Edit a Role

Click on the target role to edit its settings, including the name, description, and permission configurations.

After making any changes, click Save to confirm or Cancel to discard modifications.

3. Configure Role Permissions

There are two permission configuration modes:

  • Access to all application items
    All pages, worksheets, and views are visible to the role. Permissions are configured uniformly across all worksheets.

  • Access to selected application items
    Permissions can be configured for specific pages, worksheets, views, and fields, enabling more granular access control and differentiated record-level operations.

Mode 1: Access to All App Items (Simple Mode)

This is a quick and easy configuration mode. All custom pages, worksheets, and views in the application are visible to the role, and permissions are managed uniformly. Field-level permissions are not supported. This mode is suitable for apps with fewer users and roles.

Record View/Edit/Delete Permissions

Four permission configurations are available:

  • 1) View, Edit, and Delete All Records

    • View records: The role can view, edit, and delete all records in all worksheets. This is the most permissive option.
    • The role can manage all data in the app, except for application-level configurations.
  • 2) View All Records, But Only Edit/Delete Owned Records

    • View records: The role can view all records across worksheets.

    • Edit/Delete records: The role can only edit or delete records they own.

    If you’re unsure what constitutes “owned records,” refer to Three Record Roles

  • 3) View Joined Records, Only Edit/Delete Owned Records

    • View records: The role can only see records they’ve joined. Not all records are visible in the view.
    • Edit/Delete records: Only owned records can be edited or deleted.
  • 4) Read-Only for All Records

    All pages, worksheets, views, and records are visible but not editable or deletable.

For options 2 and 3, you may include subordinate records by enabling “Records Owned/Joined by Subordinates .” Subordinates are defined in your Org Chart.

Other Actions: Share, Print, etc.

In addition to record permissions, you can configure common actions such as create, import, export, print, etc.

Mode 2: Access to Selected App Items (Advanced Mode)

This mode allows more flexible, granular permission configurations across four levels:

Level 1: Configure Visible Pages

Determine which worksheets, views, and custom pages a role can access. To operate on records, the view or page that contains them must be visible to the role.

  • 1) Configure Visible Worksheets/Custom Pages

    • Worksheets: Roles must have access to at least one view of a worksheet to see its data.
    • Custom Pages: Only “view” permission is configurable. Edit, delete, and add are not supported for custom pages.
  • 2) Configure Visible Views

    Select which views are visible to the role. Views not selected will be hidden.

Hide from Navigation

In many scenarios, worksheets like order details are accessed only through related records (e.g., from orders). To reduce clutter, you can hide these worksheets from the app navigation while still retaining access permissions.

  • Hide from specific roles

    After configuring permissions, hover over the worksheet name and click the “Hide” icon.

  • Hide from all non-admins

    Hide a worksheet or custom page from all non-admins (non-developers).

tip
  1. Hiding a worksheet only removes it from the navigation menu. It can still be accessed via related worksheets, links, or embedded views in custom pages.

  2. Admin visibility for hidden items can be configured in App Navigation settings.

Level 2: Permissions for Records in Views

View/Edit/Add/Delete Records

There are four available permissions: View, Edit, Delete, Add.

Viewing is a prerequisite for editing or deleting.

Adding records is configured at the worksheet level, not per view.

Export/Import/Print/Share

In addition to add/delete/edit operations, you can configure permissions for system and custom actions via the “Settings” button.

These actions can also be enabled or disabled in the worksheet’s “Function Switch”, which supports view-level settings. Role-based settings apply globally across views.

A user’s final permission is the lower of the two settings.

Level 3: Define Operable Record Scope

After assigning add/edit/delete permissions for records in views, you can refine which records within a view a user may operate on.

For example, in the “Qualified Leads” view, all qualified leads may be visible, but only owned leads can be edited or deleted.

Click the “Settings” button on the right to configure scope.

Available scopes: “All,” “Joined,” and “Owned”.

  • Viewable Records

    • All: View all records in accessible views

    • Joined: View only joined records

    • Subordinate Joined: View joined records by self or subordinates

    See Three Record Roles for details on “joined” records.

  • Editable Records

    • All: Edit all viewable records

    • Owned: Edit only owned records

    • Subordinate Owned: Edit records owned by self or subordinates

  • Deletable Records

    • All: Delete all viewable records

    • Owned: Delete only owned records

    • Subordinate Owned: Delete owned records by self or subordinates

This applies to all views in the worksheet. To set different scopes per view, assign the user to multiple roles.

Level 4: Field-Level Permissions

Even if a record is visible, not all fields need to be visible or editable. Field-level permission allows:

  • Show/hide fields in view/edit mode

  • Define which fields are editable

  • Hide fields when creating new records

To make a field editable, it must also be visible.

Bulk Permission Configuration

Advanced mode supports batch editing permissions across multiple worksheets.

You can batch configure:

  • Operable record scope
  • Editable fields
  • System actions: Share, Import, Export, Print, Discussion, Logs

Notes:

  • Ensure you have the necessary permissions for each worksheet before editing. For example, if “Delete” is not enabled for the “Contacts” worksheet, bulk configuration of delete permissions will not apply.

  • Bulk editing does not include custom actions or payment-related settings.

Hide Applications

When an app is hidden from members, it will no longer appear in the application list on the home page.

Hiding only removes the app from the home page list. Members can still access the app through notification messages, shared links, etc.

4. Add Members to a Role

After creating a role, go to the User tab, click the role name, and then click Add Users.

Add Members by Person

You can add members from the Contacts, including internal colleagues or external collaborators via Friends.

You may also share the application link via other channels. When users open the link, they’ll be prompted for identity verification. If they’re not yet a member, they can apply to join.

Add Members by Department/Org-role/Job Title

Adding a department to a role means all current members of that department inherit the role permissions. New members added to that department in the future will also automatically receive this role. The same applies when adding an organizational role or job title.

What does “Current Department Only” mean?

  • Only department name is shown

    The selected department and all its sub-departments are included. Sub-departments are not listed separately. Newly created sub-departments will automatically inherit the role.

  • “Current Department Only” label is shown

    Only the selected department is included. Sub-departments are either not selected or selected individually.

Developer & Operator Permission Details

ModuleFeaturePermissionsAPP Lock
OperatorDeveloperOperator permissions if app locked
APP ManagementCopy/Export/Delete APP
Name & Icon
Navigation Settings
Edit Description
Usage Analysis
Option Set
Application Recycle Bin
Manage APP->Copy
Manage APP->Export
Manage APP->Backup
Manage APP->Restore(Note: In the list of backup files, developer does not have permission to "download backup files and restore to new apps".)
Publish Settings
External Portal-Under approval-Approval-free configuration (worksheets from other applications taken with administrator or developer role permissions)
API Development Documents
Application Item-WorksheetName & Icon
Copy
Move to
Display/Hide in Navigation
Delete Worksheet
Edit Form
Worksheet Settings
Name & Icon
Edit Description
Set Field Name
Reset Autonumber
Import from Excel
Recycle Bin
Delete Worksheet
Public Release (Pop-up window after clicking on the [Create Record] -> [Share] button in the upper right corner)
Public Statistics - Add, Set, Move from Public, Copy to, Delete
Public Statistics - Filter, Share, Export (Excel)
Worksheet Logs
View->Configure
View->Change Type
View->Copy
View->Share
View->Share->Public Share
View->Export
View->Display/Hide in Navigation
View->Delete
View->Record->Calibration
Import Data-[Do not allow users to modify the default configuration]
Public Filter
Save as Printing Template ( System Printing, Print QR Code, Print Barcode )
Application Item-Custom PageName & Icon (Menu)
Copy
Move to
Display/Hide in Navigation
Delete custom page
Edit custom page
Name & Icon (Details Page)
Edit description
Display settings
Delete Page
Share Page->Public Share
Share Chart->Public Share
Application-UserEdit/Delete Role, Permissions, Extended Info
Add User
[Send Notification], [Allow View]
Application-External PortalRoles and Permissions, Portal Settings, Edit Custom Domain Name (when locked, developer identity hides the entire external portal))