How permissions and roles work in AmpliFlow.
In AmpliFlow, permissions are controlled by different roles and these can be managed and controlled in slightly different ways.
Roles can be assigned directly to a User or to a Team. All users basically have the role User, which is the base level. In addition to this, you can then be assigned more roles that give different permissions.
The highest authority is Administrator. The administrator is the owner of all functions and can assign permissions at different levels. The Mapper, Planner, and Deviation Manager roles are general roles and grant permissions to several functions related to the area of responsibility. You can also have roles such as Owner, Editor, or Reader for specific functions.
New users are not automatically included in feature-specific permissions. By default, there are no permissions set for functions and they can only be viewed by users with the “Administrator” role.
Â
There can be different groups/teams in AmpliFlow and these groups can be assigned permissions. For example, this could mean that everyone on a specific team has been assigned edit permissions to a specific function in AmpliFlow. When a user is added to the team, the person automatically receives the permissions that the team has, and when a user is removed from a team, the permissions are also removed.
All users in the system are automatically included in the team “All users" (Everyone). This team can be assigned roles just like other teams, which allows you to add the All Users team as Readers for a feature and thus give everyone in your organization read access to the feature.
Â
In order for features such as “Competencies” or “Providers” to appear in user navigation, they must at least have the “Reader” role assigned, either directly or through a team. Only specifically assigned users and administrators see the menu item for the feature.
You can give all users access to a feature by adding the “All Users” team to a role in the permissions settings for the feature.
Example: If you add All Users to the “Reader” role for a feature, it means that the feature appears in the navigation for all users, adding All Users to the Editor role means that everyone can make changes, etc.
Features like “Customers” and “Employee Calls” have different permission rules that apply only to that feature. For example, a user with the Reader role for “Customers” can see all customers, but in “Employee Calls”, users with the Reader role can only see the employee conversations they have access to - their own and those they manage.
Â
Users only see the checklists they have access to and the steps assigned to the Team that the user belongs to. By assigning the steps in a checklist template to one or more teams, you can control access to checklists. Thus, there may be several steps in a checklist that the individual user does not see because the user does not belong to the “right” team.
Permissions to Custom Lists are controlled using Permissions settings and you can assign the Owner, Editor, Reader, and User roles. Custom lists can have different custom permissions for each list/list type, and checklists started from the custom lists always inherit permissions from the list.
The “Access Restriction” feature allows users to restrict access so that they can only see the Custom Lists they have been assigned permission to. User permissions allow the user to view, add, edit, archive, and delete Custom Lists marked with “Access Restriction”. As a manager, you also have access to lists assigned to the users you manage.
Turn on Access Restriction for a Custom list by adding the “User” property and checking “Access Limiting” in the list template for the custom list (Administrator/Custom Lists).
‍
For a user to access a Custom list that is marked with Access Restriction, you must:
Some roles and permissions may be specific to certain functions and implementation may vary between organizations depending on how they have configured their AmpliFlow system.
The user's profile shows all roles that are directly assigned and which teams the user is part of.
To manage permissions effectively, we recommend starting by rolling out features to smaller groups and running a pilot before turning it on for all users.