Understanding the ProcedureFlow Roles
Permissions for ProcedureFlow users are managed through roles. A user is assigned a role that determines the actions they can perform in ProcedureFlow. Each role has specific permissions.
At a high level, there are two types of "organization roles":
- Normal roles apply to a specific entry point only. These "entry point roles" control what a user can do within that entry point. Each user must be added to whatever entry points are applicable to their job, and they may have a different role for each entry point they are a member of. See Entry Point Roles below.
- The "Org Admin" role grants full control at the organization level (manage entry points, users, settings that apply to the entire organization, etc.). See Org Admin Role below.
Using SCIM? If your organization is using SCIM, then entry point role permissions are managed through SCIM Groups instead; see Using SCIM to Provision Users and Groups.
Entry Point Roles
| Role | Description |
|---|---|
| Viewer | View and navigate the flows |
| Contributor | (Viewer plus) can create change requests to create or modify flows and submit for approval |
| Reporter | (Contributor plus) can view reports |
| Approver | (Reporter plus) can approve submitted change requests |
| Admin | (Approver plus) full control of an entry point (manage members, rename the entry point, etc.) |
Permissions Available for Each Entry Point Role
Permission |
Viewer |
Contributor |
Reporter |
Approver |
Admin |
|---|---|---|---|---|---|
View and navigate flows |
• |
• |
• |
• |
• |
Change the theme (for yourself) |
• |
• |
• |
• |
• |
Star a flow |
• |
• |
• |
• |
• |
Search for flows |
• |
• |
• |
• |
• |
| View change history | • |
• |
• |
• |
• |
| View approved change requests | • |
• |
• |
• |
• |
| Comment on a published change request | • |
• |
• |
• |
• |
| View open change requests | • |
• |
• |
• |
|
| Comment on an open/unpublished change request | • |
• |
• |
• |
|
Create, edit, delete flows |
• |
• |
• |
• |
|
| Submit a change request for approval | • |
• |
• |
• |
|
| View reports | • |
• |
• |
||
| Self-approve your own changes | • |
• |
|||
| Approve change requests | • |
• |
|||
| Change the assignee for a change request | • |
• |
|||
| Add or remove entry point members, including inviting new users * | • |
||||
| Resend a pending user invite | • |
||||
| Change the role of an entry point member * | • |
||||
| Rename an entry point * | • |
* An Entry Point Admin can only add or remove members to the entry point(s) that they are admins for. Similarly they can change the member's role within that entry point, or rename that entry point.
An Org Admin does not need to be a member of an entry point in order to make such changes.
Org Admin Role
An Org Admin has the same access as an Admin on ALL entry points, even if they are not explictly a member of a given entry point.
In addition, only an Org Admin can do the following:
- Invite users to ProcedureFlow including assigning them to one or more entry points
- Withdraw a pending invite
- Disable and enable users
- Change a user's entry point memberships
- Manage entry points (create, copy, archive/delete, add samples)
- Set the theme for the organization
- Create apps and access tokens for integrations
How does one become an Org Admin?
There is always one initial Org Admin when your company first starts with ProcedureFlow. When that Org Admin invites users to join ProcedureFlow, in addition to selecting their entry points and role within those entry points, they can also assign the user to be an Org Admin. These new Org Admins can then do the tasks listed above including creating additional Org Admins as needed.
An Org Admin can also "promote" an existing user to an Org Admin on the Administration > Users page.