User Permissions are a powerful way to ensure your team is operating with a high-level of security and access. This article will describe the types of access you can restrict with User Permissions.
Please note that all accounts include an Admin User Role (templated set of user permissions) that has access to all following features.
There are four groups of access:
- Account Permissions
- Screening Permissions
- Posthire Permissions
- Position Access
1. Account Permissions
Account permissions includes any setting related to the account as a whole and not to specific positions (e.g. company settings, users management, integrations, etc.).
Manage Integrations
When checked, the user will have access to view/set-up/edit any integrations (i.e. Checkr, Onfido, Lesson.ly, SchoolKeep, etc...) and ability to view the corresponding integration API's.
Access API and Webhooks
When checked, the user will have access to view/copy both Private and Public API keys, as well as the ability to view/set-up/edit all Webhooks.
Manage Message Templates
When checked, the user will have access to view/set-up/edit any messages templates (create or alter emails & SMS) which could be tied to stages within the process flow.
Manage Rejection and On Hold Reasons
When checked, the user will have access to add/remove both "Rejection" and "On Hold" reasons. Please keep
in mind that rejection reasons are tied to rejection emails that get sent to applicants who are rejected.
Manage Custom Fields and Labels
When checked, the user will have access to view/set-up/edit any custom fields and labels that are assigned to applicants and stages.
Manage Scorecards
When checked, the user will have access to view/set-up/edit applicant scorecards. The user will be able to create/edit/delete questions and scoring criteria for any scorecards.
Use Analytics Tools and Exports
Use Analytics Tools
When checked, the user will have access to view/use the analytics tools such as "Activity Overview," "Workflow Conversion," etc.
Use Exports
When checked, the user will have access to create/download various exports (reports) such as "Custom" and "Timestamp" reports that contain applicant data.
2. Screening
Account permissions includes any setting related to the account as a whole and not to specific positions (e.g. company settings, users management, integrations, etc.).
View and Act on Applicants
View Applicants
When checked, the user will have access to view the applicant profile which contains all applicant data fields, communication (email & SMS), view-access to notes, and review the history of applicant activity.
Manage Applicants
When checked, the user will have access to view and use the "Actions" button, move applicants between stages, upload documents to their profile and edit applicant data. The user will also have the ability to create and save 'Notes' when reviewing applicant profiles.
Manage Positions
Manage Positions Workflows And Settings
When checked, the user will have access to position workflows (stages) and settings (timezone, language, etc.). The user will be able to create/edit/delete stages and set emails, SMS, follow up message and automation based on integrations.
Create New Positions
When checked, the user will have access to view/create/delete AND clone positions.
Access Scheduling Tools
Create and Assign Sessions to Self
When checked, the user will be able to add new availability to the calendar and assign the availability to his/herself.
Create and Assign Sessions to Any User
When checked, the user will be able to add new availability to the calendar and assign the availability to any user existing in your Fountain account.
Use Fountain Messenger
When checked, the user will be able to view and respond to both read and unread messages that live in Messenger.
Access Secure Data
When checked, the user will be able to view and edit any data field marked as "Secure" (PII), for example: SSN, banking info, passport info, etc.
Access Secure Files
When un-checked, users will NOT be able to see files. Note that all files are secure files and there is not an option to make files non-secure. Users with this permission will be able to see the files in the applicant's profile; the files will be hidden for the users without the permission to Access Secure Files.
3. Posthire
Account permissions includes any setting related to the account as a whole and not to specific positions (e.g. company settings, users management, integrations, etc.).
View and Act on Workers
View Workers
When checked, the user will be able to view the Worker Table in Posthire, which includes workers' names, phone numbers, any recurring checks that are being run, etc.
Manage Workers
When checked, the user will be able to use the 'Actions' button in the Worker Table to send email/SMS to, request information from, deactivate, or delete workers.
Manage Recurring Checks
When checked, the user will be able to add, edit, and delete both recurring checks for data collection and background checks in Posthire.
2. Screening Permissions
Screening permissions include any positions and applicants-related actions (e.g. creating and editing positions, adding applicants, scheduling sessions, etc.).
We can restrict users' access to positions regardless of their permissions. (Admins, of course, have access to all positions.) All screening and Posthire actions are applicable to accessible positions (described below).
Stage Access
Users can have full access to a position (to all stages) or restricted access (only to some stages).
When a user does not have access to a stage:
- he/she cannot move applicants to or from the stage regardless of his/her permissions;
- he/she cannot act on applicants from the stage (e.g. send messages) regardless of his/her permissions;
- he/she cannot add availability to the calendar for the stage.
Guest users who (who have restricted access):
- cannot modify a position’s settings and workflow;
- cannot access Posthire for the position.
Accessible Positions
Accessible positions for a user include:
- all stages from all positions if the user is an admin or positions admin;
- stages from public positions, owned positions, and private positions which the user has full access to, as well as and stages from private positions which the user has explicitly been granted access.
Positions List
The positions list contains only accessible positions, as described above.
Actions that require certain permissions:
- Reorder positions
Required permissions: admin or positions admin + manage_funnels - Add a position
Required permissions: admin or create_funnels - Clone a position
Required permissions: admin or create_funnels - Edit Position
- Edit Form
Page: /my_account/funnels/my_funnel/form
Required permissions: admin or position owner or (full access and manage_funnels). - Edit Workflow
Page: /my_account/funnels/my_funnel/workflow
Required permissions: admin or position owner or (full access and manage_funnels). - Edit Settings
Page: /my_account/funnels/my_funnel
Required permissions: admin or position owner or (full access and manage_funnels). - Edit Validation Groups
Page: only available through dialog
Required permissions: admin - Delete Position
Required permissions: admin or position owner - Manage On Hold reasons and Rejection reasons
Required permissions: admin or reasons. - Manage Labels
Required permissions: admin or custom_fields
Applicant Table
Actions that require certain permissions:
- Add/import applicants
Required permissions: admin or position owner or full access + manage_applicants - All actions under the 'Actions' button
Required permissions: admin or manage_applicants or position owner
Sessions
Actions that require certain permissions:
- All actions under the 'Action' button:
Required permissions: users with admin or manage_applicants or manage_all_slots permissions OR position owner OR session assignee
Calendar
Actions that require certain permissions:
- Add new availability
- Users with admin, manage_applicants or manage_all_slots permissions can create availability slots for any position’s users.
- Users with restricted position access can only create available slots for accessible stages.
- Users with manage_own_slots permissions can only create slots for themselves.
- Edit existing sessions
- Users with admin, manage_applicants or manage_all_slots permissions can edit all availability slots.
- Users with restricted position access can only edit available slots for accessible stages.
- Users with manage_own_slots permissions can only edit their slots.
- Booking applicants
- Users with admin, manage_applicants or manage_all_slots permissions can book applicants and cancel bookings for any slot.
- Users with restricted position access can only book applicants for available slots for accessible stages.
- Users with manage_own_slots permissions can book applicants and cancel bookings only for their slots.
Reports
Required permissions: admin or reports
Note: admin users/users with reports access can view all positions analytics regardless of his/her positions access.
3. Posthire Permissions
Posthire permissions include any Posthire-related actions (e.g. creating recurring checks).
Actions that require certain permissions:
- View the Worker Table
Required permissions: admin or full access + view_workers - Manage workers (using the 'Actions' button):
Required permissions: admin or full access + manage_workers - Add/manage Recurring Checks
Required permissions: admin or posthire_checks
2. Positions Access
Positions Access allows you to select which stages/positions the user has access to. All users have access to public positions.
In order to make a position private and limit access to it, the following setting must be enabled in the position's settings:
Comments
0 comments