Guide
Default visibility
Admin access with architect mode on required.
Manage who can see all users in your workspace and whom all other users can also see in Users → Access:
The visibility is enforced throughout the workspace: someone without the right permissions won't be able to find, assign, or mention a person they aren't supposed to know about.
Everyone including guests
Who (rows) see whom (columns) | Admins | Members | Observers | Guests |
Admins | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: |
Members | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: |
Observers | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: |
Guests | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: |
Everyone but guests
Who (rows) see whom (columns) | Admins | Members | Observers | Guests |
Admins | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: |
Members | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: |
Observers | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: |
Guests | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: | ❌ |
Everyone with a trusted domain
Who (rows) see whom (columns) | @trusted.domain | not @trusted.domain |
@trusted.domain | :kot-checkmark: | :kot-checkmark: |
not @trusted.domain | :kot-checkmark: | ❌ |
Admins can still see everyone and be seen by everyone even if they are outside of the trusted domain.
Admins
Who (rows) see whom (columns) | Admins | Members | Observers | Guests |
Admins | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: | :kot-checkmark: |
Members | :kot-checkmark: | ❌ | ❌ | ❌ |
Observers | :kot-checkmark: | ❌ | ❌ | ❌ |
Guests | :kot-checkmark: | ❌ | ❌ | ❌ |
User Group members visibility
By default, members of the same User Groups can see each other, even if you've configured strict default visibility.
If you'd prefer members not to see each other, you can turn off the corresponding toggle in Users → Access:
Alternatively, you can disable it in the Access settings of a particular User Group DB:
Simply remove the default Member template next to your User Group membership Field.
User management
By default, only Admins can manage Users. If you, as an Admin, find yourself a bottleneck and would like to delegate user management to someone else, you can do so:
Go to Users → Access
Find Who can manage all users setting
Select Users and User Groups
This feature is exclusive to Pro and Enterprise plans.
Capabilities
This delegates the following powers regarding Users:
Some powers stay with Admins:
Deactivate, demote, or delete other Admins.
Change who can manage all Users.
Configure SAML SSO and other workspace settings, even if they are user-related.
Access templates
Ensure people working on the same thing can see each other, even if you've configured a strict default users visibility.
Use Custom Access Templates for Sharing Entities and extend access via People Fields: