Product-based permissions

Managing product-based permissions in the Codat Portal

Product-based permissions give clients more control over which companies users can access, based on the products assigned to them.

These permissions work alongside existing roles. Only administrators can assign product-based permissions.

How permissions work

Full access to all products
Cannot edit their own product assignment, as they already have unrestricted access

Can’t access Settings > Users
Can’t change user roles
Can’t change product assignments
Must be assigned a product before they can create or view companies
From a user perspective: until a product is assigned, no companies are visible and new companies can’t be created

Once a product has been assigned, these users can create companies.

Role	Access to product	Can edit user roles	Can assign products	Can access Settings > Users	Can create/view companies
Administrator	Full access	✔	✔	✔	✔
Developer	Full access	✘	✘	✔	✔
Analyst	Product required	✘	✘	✘	Only after product assigned
Onboarding	Product required	✘	✘	✘	Only after product assigned

If you’re using Enterprise SSO, ensure the correct Active Directory group is assigned to each user (Administrator, Developer, Analyst, or Onboarding).
New users set up as Analysts or Onboarders must log in to the Portal via SSO before a product can be assigned.

Changes to a company’s product assignments update automatically when users refresh the Portal.
If an Administrator adds a product to a company that a user doesn’t have access to, the user can still see that the product has been assigned but won’t have access to it.
When a company has multiple products assigned, users see all products they have permission to access.

Was this page useful?

👏

👍

🤔

👎

😭