Atlas User Management: Permissions and Access Groups

Atlas User Management provides powerful features to control and manage how your teams access account data. These features empower you with precise control over information access and facilitate seamless collaboration.

Access Groups

Access Groups allow administrators to manage access to specific sets of entities within your account.

You can add entities to Access Groups using these methods:

• Select by Tag: Include entities that share specific tags (e.g., by strategy or function). This is a great way to group multiple related entities.
• Select by Name: Manually choose individual entities from a dropdown list for precise control.
• Select All: Quickly include all entities in your account. Use this for users who need broad visibility.

How Access Groups Work:

Once you create Access Groups, you can assign users to them. This gives those users access to a specific set of entities tailored to their role and your organizational needs.

Important:

• Changes to an Access Group can impact the data access of assigned users.
• If an Access Group is tag-defined, removing those tags from an entity will revoke access to that entity for users within that group.

User Roles

User roles in Atlas define the level of access users have. The system uses Access Groups to assign access for non-administrator roles.

Customer Admin: This role has full administrative privileges for customer users within an account. This includes creating, editing, deleting roles, and assigning Access Groups.

• Customer Admins are not part of Access Groups as they have default access to all account data.

Edit: Users with this role can edit data they can access and create new entities. Their access is determined by the Access Group they are assigned to.

• If their Access Group is defined by tags, the new entity automatically inherits those tags and is added to the group.
• If their Access Group is defined by specific entity names, the new entity is automatically included in the group’s entity list.
• If their Access Group includes all entities, the new entity is automatically accessible to all users in the group.

•  
  •  
    • Note: If you remove tags from an entity created by a user in a tag-defined Access Group, that user and other group members may lose access to that entity.

View Only: Users with this role have view-only access to data within their assigned Access Group.

 

Restricted View Only: This role provides limited view-only access, excluding sensitive data. Access is determined by the assigned Access Group.

Sensitive Data Restrictions for Restricted View Only:

• Sensitive Documents: Document names are visible, but downloads are disabled.
• Bank Information: Account names are visible, but account numbers are masked (e.g., ***)
• Structure Chart:
  • Displays entities linked to the main target entity and entities within the user’s Access Group.
  • Users cannot click into entities outside their Access Group or into stakeholders (e.g., Persons, External Entities).
  • Ownership percentages, share/unit classes, and entity notes are hidden.
  • Group relationships are accessible and link to the relationship page.
• Relationships:
  • Displays only the name and relationship type.
  • Entities outside the user’s Access Group cannot be accessed.

User Role Permissions:

User Management Page

The User Management page helps you administer users and their Access Groups.

Key features include:

"Access Group" Column: This column shows the Access Group assigned to each user. 

Editing User Information: To edit an existing user, use the "More Actions" menu in the user’s row on the Users table. Here, administrators can:

• View user details.
• Modify user information, including roles, Access Groups, and personal data.
  •  

Questions?

If you have any questions about managing permissions, Access Groups, or user roles, please reach out to our Customer Care team at customer.care@ontra.ai.