Built-in roles
Caseware Cloud comes with several built-in roles. These roles define both the type of access and operations a user can perform in Cloud. There are two types of built-in roles: Staff roles and Contact roles.
To view the built-in roles, go to the Settings page, then select Security | Role Permissions.
Select a role to view more information about it in the menu on the right-hand side of the page.
Notes:
-
Built-in roles cannot be modified or deleted.
-
Each organization must have at least one user with the Admin role. This user has all permissions and the ability to modify any organization setting.
Staff roles
The following tables describe the built-in staff roles.
Admin roles
Admin roles provide privileges at the system level. Staff with these roles can shape and define the organization's Cloud environment — including its members.
Role | Scope | Description |
---|---|---|
Admin | System-wide | Every organization must have at least one staff member with the Admin role. Admins have all permissions and the ability to modify any organization setting. Note: You must still allocate app licenses (for apps that require them) to staff with the Admin role. |
Settings Admin | System-wide | Settings Admins can edit all system settings. |
Staff Admin | System-wide | Staff Admins can create, view, edit and delete staff and staff groups. |
Entities Admin | System-wide | Entities Admins can create, view, edit and delete contacts, contact groups, entities, and all content within entities. |
Content roles
Content roles provide privileges at the system, entity or content level.
-
If a role is assigned at the system level, it applies to all entities in the organization.
-
If a role is assigned at the entity level, it applies to the specified entity.
-
If a role is assigned at the content level, it applies to the specified content.
Role | Scope | Description |
---|---|---|
Owner | System-wide, Entities and content within them | Owners can view, edit and delete entity content, and assign roles to other staff where they have this role. |
Editor | System-wide, Entities and content within them | Editors can view and edit entity content where they have this role. |
Viewer | System-wide, Entities and content within them | Viewers can view entity content where they have this role. |
Entity Access | System-wide, Entities and content within them | Entity Access allows staff to access entities where they have this role, so that they can be assigned a security role on content such as an activity or a file. It does not allow them to view or edit staff, contacts or other entity content, but does allow them to view the entity summary and details. This role is typically assigned to staff who would otherwise not know that an entity exists. |
Contact roles
Contact roles provide privileges at the entity or content level. Contacts with these roles can access Cloud in a limited capacity, or not at all (with the Associated role).
Role | Scope | Description |
---|---|---|
Contact - Entity Collaborator | Entities and content within them | Contact - Entity Collaborators can create new content and access existing content in entities where they have this role. They can receive file requests. |
Contact - Entity Access | Entities and content within them | Contact - Entity Access allows contacts to access existing content in entities where they have this role. It does not allow them to receive file requests or initiate any communication. |
Associated | Entities and content within them | Associated allows contacts to be associated with an entity. It does not allow them to sign in to Cloud, receive notifications, or access any features. |
Contact - Owner | Entities and content within them | Contact - Owners can view, edit and delete content where they have this role. They cannot share content. This role is automatically assigned on activities or files that contacts create. |
Contact - Editor | Entities and content within them | Contact - Editors can view and edit content where they have this role. They cannot share content. |
Contact - Viewer | Entities and content within them | Contact - Viewers can view content where they have this role. They cannot share content. |