Skip to main content

Unified permissions in Insight

Sabrina Dorman
Updated

Ontra’s Insight Unified permissions model gives Insight administrators the ability to apply fund-level access controls, group-based management, and built-in user audit reporting. Continue reading to learn more about how Insight administrators can manage user and group permissions across Insight. 

Overview

ℹ️ Only Insight users with an admin role can manage user permissions.

Navigate to the User Management page under the Admin section in the left-hand navigation menu to add and manage individual users and user groups. 

  • Users are given a Role and Access Level. The Access Level, assigned for each specific Fund or Task, is what determines what actions users can take in Insight – allowing a given user to have varying access. 
  • User Groups enable you to create a group (e.g., Finance team), assign all or specific funds to that group, and set the access level on those funds to scale how you manage user access.

User permissions summary

Role Access Level Permissions
Admin – 

✅ Can create, read, update, and delete objects across all funds

✅ Can add and remove users from Insight

✅ Can add and remove groups from Insight

✅ Can manage fund-level permissions and group membership across Insight
Standard Edit

✅ Can read and update objects within the Fund

❌ Cannot create or delete objects within the Fund 
(e.g., Fund Documents, Obligations, Tasks) 
Standard View

✅ Can read objects within the Fund

Cannot create, update, or delete objects within the Fund 
(e.g., Fund Documents, Obligations, Tasks) 
Standard –  ✅ Can manage only assigned tasks 
(e.g., update status, add comments, add supporting documentation)

 

Learn more about the Legacy User Permissions in Insight

Manage individual users

ℹ️

Only Insight users with an admin role can manage user permissions.

If a user only needs to be assigned tasks - add them as a Standard User to invite them to Ontra and start assigning tasks to them. There is no need to define their View/Edit access by Funds in this case. The user will be able to manage their assigned tasks accordingly (update status, add comments, and upload supporting documentation). 

Add a user

  1. Navigate to Admin and then select User Management
  2. On the Users tab, click the Actions drop-down menu
  3. Select Add User
  4. Input the user’s First Name, Last Name, and Email 
  5. If you are an admin adding another admin, check the Admin box here
  6. Click Add

Define a user’s Access Level

To set View/Edit access for a user by Fund, follow the steps below. 

  1. Navigate to Admin and then select User Management
  2. Click the user’s name to open their User Details page
  3. Open the Access Management tab
  4. Click Add Fund Access 
  5. Select the Funds to include and Access Level (View or Edit)
    1. Users granted access to All Funds will be automatically added to newly created funds too
    2. Users can have varying access across funds 
      (e.g., A user can have Standard User - View access on Fund I and Standard User - Edit access on Fund II)

Manage a user’s Access Level

  1. Navigate to Admin and then select User Management
  2. Click the user’s name to open their User Details page
  3. Open the Access Management tab
  4. Click the icon on the applicable Fund’s row(s) 
  5. Choose to Edit or Remove Access
    1. If editing:
      1. Update the Funds to Include and Access Level as needed
      2. Click Save
    2. If removing, click Remove Access to confirm

Manage user Groups

Benefits of User Groups

  • Manage permissions at scale: update access for a group, not one-by-one
  • Ensure consistency: all users within a group have aligned access, reducing the risk of inconsistent permissions.
  • Simplify onboarding and offboarding: when someone new joins, add them to the group. When someone leaves or changes roles, remove them from the group to update their access. 
  • Reduce repetitive work when creating new funds: assign access once at the group level. The right users automatically get access to every new fund.

Create a user group

  1. Navigate to Admin and then select User Management
  2. Open the Groups tab
  3. In the top right, click the Add Group button
  4. Enter the group Name
  5. Click Add Group

Add users to a group

  1. Navigate to Admin and then select User Management
  2. Open the Groups tab
  3. Locate the group to add users to (by searching or scrolling) and click the group name 
  4. On the Group Details page, click Add Users
  5. Use the drop-down to add users to the group
  6. Click Add users 

Manage group access 

ℹ️ 

Once access is granted at the group level, all current and future members of that group receive the same permissions. 

Additionally, if a user is added to multiple groups, the most permissive level of access will apply. 
  1. Navigate to Admin and then select User Management
  2. Open the Groups tab
  3. Locate the group to add users to (by searching or scrolling) and click the group name 
  4. Open the Access Management tab
  5. Click Add Fund Access
  6. Select the Funds and Access Level using the available drop-downs
  7. Once completed, click Add

Perform User Access Audits

The self-serve audit feature is a great tool to help manage compliance reviews and reduce risk. Admins can export a real-time report of each user invited to the system, the funds they have access to, and what level of access they have. 

  1. Navigate to Admin then select User Management
  2. On the Users tab, click the Actions drop-down menu
  3. Select Download All Users
  4. Open the downloaded .xlsx file to review all users, including their user group, role, access level, fund access, and user status 

Related to

Related articles

Comments

0 comments

Please sign in to leave a comment.

Footer