Administrative Permission Levels
There are several different types of administrative permission levels that can be granted to a user account. These allow you to assign granular capabilities to different users, helping you segregate duties and responsibilities.
Site Administrator
Site administrators, a type of user, have the most powerful level of access to your site. Users who are site administrators can manage everything within your Files.com site including users, data, settings, and logs. For this reason, the best practice is to limit the site administrators for your site to only the users who require that level of access.
When a new site is created, the first user is a site administrator. That first user account may be modified by any other site administrator.
Site administrators for a site can connect to the site's child sites. When they connect, those users will have the same level of access to the child site as a site administrator.
Group Admin
Each group can have one or more members designated as a Group admin. Group admins can see which users are in their group. They can also create new users, who are added to that group.
Once users are created, group admins are not able to change the user accounts or remove users from the group. Only site administrators can change or remove users.
Site administrators can be designated as admins for a group, but that does not grant them any additional capabilities because site administrators can make any changes to any users or groups.
Folder Admin
Folder admin is a user or group permission that is granted for a folder. Users who are folder admins have full control over all the Folder Settings and Automations for a folder. Folder admins have unlimited access to the contents of their folder.
Folder admins can manage permissions for their folder by assigning or removing permissions for other users and groups, or by managing permission fences for the folder. They cannot create, change, or remove other users or groups.
As with other permissions, the folder admin permission may be recursive, granting administrator level access for all sub-folders.
Site administrators do not have permissions assigned for any folders, so a site administrator cannot also be a folder admin.
Billing Administrator
Users can be designated as a Billing administrator in the user's settings. A billing administrator can see billing information, invoice history, and usage data. Billing administrators can open tickets with our support team, but they cannot grant site access to the support team.
Making a user account a billing administrator does not grant access to any files or folders.
Site administrators are automatically billing administrators because site administrators have access to everything for a site, including billing information.
Read-only Administrator
Users can be configured as a Read-only administrator in the user's settings. A read-only administrator can view but not change all of the items in your site. This includes access to view all logs, users, groups, share links, inboxes, notifications, remote servers, automations, and more.
The read-only administrator setting is separate from the user's file or folder permissions. For example, a read-only administrator user must have Share permission in order to create their own share links, but they can view all existing share links. Similarly, a read-only administrator can see all existing automations, but would need to also be a Folder admin to create a new one, or to make any changes.
Site administrators cannot be granted the read-only administrator privilege, because site administrators have full access to everything within your site.
Example Use Case
In this scenario, we have a mortgage broker that needs to assign the appropriate administration privileges for their Files.com site.
The mortgage broker operates from 2 separate branches (central and east). Carter is the head of IT, and works out of the central office. Ellen is a help desk technician stationed in the east office. Each office has a sales team, a processing team, and a client services team, and each of those teams have their own designated team leader. All vendor payments are handled by Chale, who works from the central office.
Carter, as the head of IT, will be a site administrator for the Files.com site. This means Carter can update any setting or file within the site. Carter can directly create any needed users, and groups, or set up automatic provisioning.
Carter defines user groups representing each team at each office, such as "Sales Central" or "Client Services East" and assigns the users into their appropriate teams. Carter can assign folder permissions to the group to give each group member a base level of access to specific folders, and can assign his team leads admin-level access for specific folders.
Carter can designate the team lead users as group admins for their respective groups. As group admins, they will be able to add new users directly to their individual groups. With folder permissions assigned at the group level, this may be all the setup needed to create user accounts for new team members.
Ellen is responsible for helping the staff of the east office when they run into a technical problem, so she needs to access log files or review how an automation is configured. To achieve this, Carter makes Ellen a read-only administrator.
Finally, because Chale is responsible for vendor payments, Carter creates a user account for Chale that is not assigned to any of the department teams, and does not have access to any files or folders. The account for Chale is set as a billing administrator, allowing them to access the invoices for their Files.com site.
Get Instant Access to Files.com
The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.
Start My Free Trial