Overview
The level of access that a firm user has to Fieldguide is determined by their role and permissions. You can customize roles and permissions to grant additional access.
About permissions
There are three categories of permission settings that can be assigned to a firm user:
Role-based permissions control access to firm (system) settings, client settings, engagement management, and templates. These are granted by assigning a role to the user in their account settings. Every user account has a role.
Engagement permissions control access to what a non-admin user can do inside an individual engagement that they are a member of, like viewing and editing sheets, requests, documents, and reports. These are granted by assigning an engagement permission group to the user inside a specific engagement.
Insights permissions control access to Insights for all users except system admins. These are granted by assigning an Insights permission group to the user in their account settings.
About roles
A firm user's access level depends primarily on their role. The table below provides an overview of the roles that can be assigned.
Role | Definition |
System Admin | This is a "super admin" role designed for your highest level administrators. Users with this role have unlimited access to all aspects of engagements and system settings, including data deletion. |
Firm Admin | This is an admin role designed for firm managers. Users with this role have extensive access to engagements and system settings, but with some limitations on data deletion. |
Firm Admin Limited | This is an admin role with the same permissions as Firm Admin, but with additional limitations available on engagement visibility. |
Firm Member | This role is designed for standard firm users. Users with this role have limited access to engagements and system settings. |
Custom roles | These are the roles created by your firm's admins, which can have custom names and permission settings. |
Other default roles: Some firms also have access to the Firm IT Admin role, a built-in role for dedicated user management that's available by request. See Firm IT Admin role for details.
View all roles and their permission settings under Settings > Roles.
Roles differ in the level of access they grant to users in these areas:
Firm management: Permissions related to configuring firm settings (which includes SSO configuration) and managing firm users.
Client management: Permissions related to managing client companies, client users, and controls.
Engagement management: Permissions to view all engagements, and permissions to create and delete engagements.
Template management: Permissions to view, add, and delete templates.
Configure roles
Roles control what level of access a user has system and admin features, engagement visibility, and engagement access. View and manage the available roles under Settings > Roles.
To create a new custom role, click +Role.
To edit a custom role, open the vertical ellipses menu and click Edit.
To delete a custom role, open the vertical ellipses menu and click Delete. You'll be asked to select a replacement for any users who currently have this role.
Default roles (highlighted in grey) can't be edited.
Some permissions are only available on default roles, such as "can configure firm settings". Non-configurable permissions won't appear as options in the custom role configuration menu.
Set a user's role
To set the role on a user's account, follow these steps:
Go to Settings > Users and open the user's settings.
Select an option from the Role menu.
Configure engagement permissions
Engagement permissions control what features a user can access inside an engagement that they are a member of. They don't apply to users with admin roles, who have full permissions on any engagements they can access.
View and manage the available engagement permissions under Settings > Permissions > Engagement Permissions.
For a full list of the available customization options for engagement permissions, see here.
Set a user's engagement permission
To set a user's permission in an engagement, follow these steps:
Open the engagement, and go to Settings > Access.
Click Edit 🖊️ and select an engagement permission.
Engagement permissions are set per-user and engagement. To save time, you can set a default engagement permission for a user in their account settings. This permission will apply to them by default when they're added to an engagement. You can change it anytime.
Configure Insights permissions
Insights permissions control what Insights features a user can access. They don't apply to users with the system admin role, who can always view Insights.
View and manage the available Insights permissions under Settings > Permissions > Insights Permissions.
Set a user's Insights permission
To set the Insights permission on a user's account, follow these steps:
Go to Settings > Users and open the user's settings.
Select an option from the Insights menu.
