Skip to main content

The permission catalogue

Application permissions are organised into areas, each covering one part of the platform. Within an area, permissions come in tiers — typically View, Manage, and Admin — that build on each other. This page lists every area and what its permissions grant. You’ll see these exact areas and permissions on the Permissions screen, where you grant them to user groups.

Identity & access

Who can manage users, groups, and the permissions themselves.
PermissionGrants
View usersSee user accounts.
Manage usersCreate, update, enable, and disable user accounts.
View user groupsSee user groups and their membership.
Manage user groupsAdd and remove users from groups.
View permissionsSee the permission catalogue and which groups hold what. Needed to open the Permissions screen.
Manage permissionsGrant and revoke application permissions for user groups. Needed to make changes on the Permissions screen.

Document structure

Who can configure document types, document type groups, keyword assignments, and document access rights. See Document types.
PermissionGrants
View document structureSee document type groups, document types, keyword assignments, and document access rights.
Manage document structureCreate and update document type groups, document types, keyword assignments, and access rights. Includes View.
Document structure administrationFull control, including deleting document types and groups. Includes Manage and View.

Keyword configuration

Who can configure keyword types, keyword type groups, and autofill keyword sets. See Keyword types.
PermissionGrants
View keyword configurationSee keyword types, keyword type groups, autofill keyword sets, and value lists.
Manage keyword configurationCreate and update keyword types, groups, autofill sets, and their values. Includes View.
Keyword configuration administrationFull control, including deleting keyword types, groups, and sets, and removing members. Includes Manage and View.

Client settings

Who can configure platform behaviour for upload, keywords, and shared searches.
PermissionGrants
View / Manage upload behaviourSee or configure how the upload experience behaves.
View / Manage keyword behaviourSee or configure keyword behaviour settings and conditional keyword rules.
View / Manage system searchesSee or configure the system-wide saved searches and folders shared with users.
In each pair, Manage includes everything View grants.

Retention

Who can run and govern the retention and deletion features. This area has the most permissions, covering policies, document actions, approvals, legal holds, simulation, quarantine, and reports.
PermissionGrants
View / Manage retention policiesSee or create, update, and delete retention policies.
View retention documentsSee the retention status and history of documents.
Rescue / Exclude retention documentsPull documents out of, or exempt them from, a policy’s deletion flow.
View / Manage retention approvalsSee or approve and reject deletion batches.
View / Manage legal holdsSee or place and release legal holds.
Run retention simulationsPreview a policy’s impact without changing anything.
View retention quarantine / reportsSee documents that failed processing, and retention reports.
Retention administrationFull control of all retention permissions.
The retention permissions are described in context in the Retention & deletion section.

Managing permissions

Grant and revoke these permissions for user groups on the Permissions screen.

The access model

How application permissions fit alongside document access rights and security keywords.