- Roles determine most day to day permissions, like deactivating a user or viewing confidential fields.
- Individual permission settings govern which users can edit or view any given Workflow, data table, or integration. These are separate from roles and are governed per-object, which means per-Workflow, per-Data Table, and for integrations, per-connection
Catalytic has two default roles that determine permissions: Admin and Team member. The two default permission roles allow you to easily set common permissions for each user. The third role, Builder, is for a team member that has Workflow Editing permissions enabled.
A non-member is any user outside your team who is assigned a task or sent a web form.
See the following chart for an overview of basic default permissions.
Roles determine most permissions, but for Data Tables, Workflows, and Integration connections permissions are more granular and set per-object. These individual permission settings affect all users: admins and team members. A user must be explicitly given permission to view or edit a Workflow, data table, or integration object. The Team Owner is the only user that can view or edit any object.
- Individual Workflow Permissions
- Individual Data Table Permissions
- Individual Integration Permissions
It’s easiest to manage Individual permission settings using groups. Create groups for different teams or functions, then grant permissions to those groups rather than granting permissions to individuals. See the Groups page for how to set up groups.
💡Tip: With the default configuration, Workflows and Data tables give edit permissions to all admins, and find permissions to all users. This can be changed in an object’s individual permission settings during setup or at any time.
Individual Workflow permissions overwrite any role level permissions. For example, an Admin without Find/Edit permissions on a Workflow cannot find or edit that Workflow.
The individual Workflow permissions are set per-Workflow. Use this diagram to understand what a user with No Permissions, a user with Find Permissions, or a user with Edit Permissions are each able to do. Individual permissions can look very different Workflow to Workflow.
You can change Individual Workflow permissions at any time, see How to change Workflow permissions.
Individual Data Table permissions overwrite any role level permissions. For example, an admin or team member without permissions to view a data table cannot view the table.
The individual data table permissions are set per-data table. Use this diagram to understand what a user with with Permissions, or a user without Permissions are each able to do. Individual permissions can look very different between data tables.
Individual data table permissions can be changed at any time, see Change data table permissions.
An integration is a connection to an app or tool within Catalytic. Integrations can have multiple connections. Permissions can be set per-connection in Catalytic.
Individual integration permissions overwrite any role level permissions. For example, an admin or team member without permissions to use a connection cannot use the connection.
The individual integration permissions are set per-connection. Use this diagram to understand what the connection creator, a user with Permissions, or a user without Permissions are each able to do.
Individual integration permissions can be changed at any time, see How to change integration permissions.
If the organization of Catalytic permissions is unclear, look at the permissions from two perspectives, the user perspective and the Workflow perspective.
From the user’s perspective
- A team gives the user a role: admin or team member.
- A Workflow or Data Table gives the user permission to edit or view it.
From the Workflow’s perspective
- A user is given editing or viewing permissions.
In the example below, you can see this visualized. On the left, the users Erika and John have roles, and each have unique permission to edit or find different Workflows. On the right, you can see the Workflow’s perspective: each Workflow is assigning find or edit permissions to John and Erika.