Permissions let you modify the actions available for particular users or teams. By default, everyone is able to do anything within the app but is really easy to change the setup according to your needs. Changes in permissions are applied immediately.
If an action is not available because of the permissions setup, it will be still visible to the user, but it won’t be accessible for them.
Basic Permissions
Basic permissions are perfect for companies, where you generally want most of the people to have all permissions, but you’d like to restrict setting up the tool or editing actions for some. Below you can find a detailed description of all the available options.
Switching between these options changes the setting for the whole company.
Full access
This is the default state of the permissions. When applied, everyone can do everything within the app, no actions are restricted.
Global settings control
With this option chosen, you can decide who can have the access to set up everything in the tool. It’s a great solution when there is a person or a group designated to watch over the OKR process. It allows the others to focus on the OKRs, without worrying about the setup.
Editing control
With this option chosen, you can restrict all editing capabilities for certain people. It allows them to view the OKRs, it also doesn't restrict the settings, but it prevents people assigned from adding new OKR or editing the existing ones.
Global settings & editing control
With this option chosen, you can have a combination of both of the options described above. When a person or a group is not added to the Editing control nor Global settings control list, they are a Viewer, meaning they can only see OKRs, but they cannot edit, create or set up anything inside the tool. When they are added to just one of the list, the relevant permissions are granted.
Advanced setup
The fifth option available is the Advanced setup. It allows you to granularly define which users or groups have certain permissions, create your own roles and use OKR ownership-based roles to stay aligned with the OKR process when respecting the boundaries at the same time.
Remember that users have the highest set of permissions applied. That means that if someone was an Admin role, but is also assigned to some other role or is an OKR Owner, he’ll still be able to do everything, as long as he remains in the Admin role.
Global roles
These roles are a base on which you build the role setup. By default, there are 2 roles- Admin (can do everything) and Viewer (can only view OKRs). The default role is set to Admin, but you can change the default as well.
Now, in addition to that, you can add your own global roles. Global itself means that they would apply to all OKRs, i.e.users assigned to a global role with a permission to delete OKRs, would be able to delete any OKR.
After adding any new global role, it appears in the Permissions section as well and you’re able to choose which permissions should be included in the role.
OKR ownership-based roles
These roles are a great addition to the global roles, that support the OKR process within the company. Having a global role assigned, this option allows for adding additional permissions regarding only the OKRs that are owned, collaborated on, managed, etc. by particular people.
For example, with a Viewer role assigned as a default role and OKR owenership-based roles on, only people actively engaged (assigned in any way) to the OKR would have some extra permissions regarding them. Others would be just able to view the OKRs.
You can decide which roles to keep ( by toggling them on/off) and what permissions should belong to the roles.
You have to decide which permissions should be included in the role within the Permissions section of the page.
Changes in permissions are saved automatically and applied instantly.