Overview
Overview
Access Control is maintained at two levels:
- Organization level
- Document level
1. Organization Level
Here are some properties of Organization level access control:
- Access to an Organization can be granted or revoked by adding or removing a User from an organization. A user can be added to multiple organizations but can only log in to one organization at a time.
- By default all organization users have access to all organization data including documents, locations and user contacts.
- Access to documents can be restricted by setting permissions at the document level. (more below)
2. Document Level
Here are some properties of Organization level access control:
-
A document has three types of access:
public
:default
Any user who logs into the given document id can access the document whether or not they are part of the organization or the document.organizationPrivate
: Only all organization users have access to the document.restricted
: Only users explicitly added to the document have access. Organization users not explicitly added will not have access.
-
Access to a Document can be granted or revoked by adding or removing a User from a document. Document level access overrides organization level access. Eg: if a document is restricted, only users explicitly added to the document will have access to it.
-
Access can also be granted or revoked by adding or removing organization user groups.
(coming soon)
-
Organization users can access the entire Organization contact list in the Document.
-
Guest (Non-organization) users who have access to the document cannot access the Organization contact list. If you want to show some organization contacts to these guest users, then you need to explicitly add those contacts to the document.
Was this page helpful?