Permissions and permission groups in SendAuth are designed to help you track what users are allowed to do outside of the system. They serve as labels for capabilities within your company and do not grant any access within the SendAuth application itself.

Overview

• Permissions: Labels that represent capabilities or roles within your organization (e.g., “HR”, “IT”, “Finance”)
• Permission Groups: Collections of permissions that can be reused across multiple users (e.g., “Engineering Team”, “Management”)

Permissions

Permissions act as capability labels that you can assign to users to track what they’re authorized to do in external systems or within your organization.

Creating Permissions

1. Navigate to Settings → Permissions
2. In the Permissions section, enter a permission name (e.g., “HR”, “IT Support”)
3. Click Add Permission

Permission Guidelines

• Keep permission names short and descriptive
• Use consistent naming conventions (e.g., “HR”, “Finance”, “Engineering”)
• Maximum 64 characters, printable ASCII only
• Consider using department names, roles, or capability areas

Managing Permissions

• Rename: Click the edit icon next to any permission to rename it
• Delete: Click the delete icon to remove a permission (this will remove it from all users and groups)

Permission Groups

Permission groups allow you to organize related permissions into reusable collections, making it easier to manage users with similar capability sets.

Creating Permission Groups

1. Navigate to Settings → Permissions
2. In the Permission Groups section, enter a group name (e.g., “Engineering Team”)
3. Click Add Group
4. Click Edit on the newly created group to assign permissions to it

Assigning Permissions to Groups

1. Click the Edit button next to a permission group
2. Select the permissions you want to include in this group
3. Click Save

Example Permission Groups

• Engineering Team: IT, Development, DevOps
• Management: HR, Finance, Operations
• Support Team: Customer Service, Technical Support

Assigning Permissions to Users

Users can receive permissions in two ways:

Direct Permissions

Individual permissions assigned directly to a user.

Group Permissions

Permissions inherited from permission groups the user belongs to.

To assign permissions to a user:

1. Navigate to Users and select a user
2. In the user edit form:
   • Direct Permissions: Select individual permissions
   • Permission Groups: Select groups to assign all their permissions at once

Viewing User Permissions

In the users list and user detail views, you’ll see:

• Blue badges: All permissions (both direct and from groups)
• The system automatically merges and deduplicates permissions from both sources

API Integration

Permissions can be queried via the SendAuth API for integration with external systems:

Use Cases

Common scenarios for using permissions and permission groups:

External System Integration

• Track which users have access to specific external tools
• Integrate with HRIS or other company systems
• Audit capability distribution across your organization

Compliance and Reporting

• Generate reports on who has specific capabilities
• Track permission changes for audit purposes
• Ensure proper capability distribution

Organizational Structure

• Map company hierarchy and roles
• Track department membership
• Manage capability inheritance

Limitations

• Permission names must be unique within an organization
• Maximum 128 characters for permission group names
• Maximum 64 characters for permission names
• Changes to permissions affect all users and groups immediately