Managing members and roles

Updated 3 months ago by Kiruthika

Roles and permissions

You can manage the members in your case system by assigning different roles and permissions to their profiles based on the responsibilities mapped with them in a specific case system.

Kissflow offers the following roles as part of its Case workflow:

Admin

A Case Admin has the highest set of privileges in a case system. They can:

  • create, modify, and delete cases
  • modify, and manage the settings of a case system
  • add or remove members
  • perform bulk actions
  • access the audit log
  • view transitions and activity, and
  • generate custom reports
Do you know that an Admin can modify the role of any member in a case system?

Yes, an Admin can make anyone in the case system another Admin, member, initiator, or a restricted member. They can also downgrade someone's role from an "Admin" to a "Restricted member" based on their requirements in the case system.

Member

A Case Member falls next in the hierarchy following the Admin and they can:

  • create, modify, and delete cases
  • create and manage filters
  • Add and modify notes, and
  • View transitions and activity
There are a few things that a member cannot do in a case system:

-They cannot duplicate or delete a case system.
-They can access only the reports that are shared with them.

Initiator

The initiator is someone who is a part of the case system but has a limited set of privileges and responsibilities. They can only:

  • create new cases, and
  • update the cases that are created or requested by them.
An initiator cannot assign a case to themselves and they cannot be assigned to any case by anyone in the team either.

Restricted member

A restricted member is someone who performs specific tasks on the case system without necessarily being a part of it. They would be able to view only the cases assigned to them.

As a restricted member, one can only:

  • search for their cases, sort, and filter data within the cases that they have access to.
  • create their private filters but cannot access the shared filters.
  • edit the custom fields, and view the activity and transitions on the cases assigned to them.
A restricted member can act upon a specific case only if they are directly assigned to it. i.e They must be the "Current assignee" of the case to modify its custom fields or view its transitions.

There could be instances where the access granted to a restricted member on a specific case is revoked by the Admin and the restricted member must contact the Admin to resume working on it as necessary.

How do you decide what role to choose?

For the administrators

The Admin role is very explicit in its nature and the kind of responsibilities that come along with it. You can make someone an Admin of a case system if you want them to have ultimate control of everything in it. Right from having the privilege to perform any action in a case, to upgrading or downgrading one's role, an Admin can do everything. Learn more about their privileges here.

For the go-getters

We recommend you make someone a Member if you want them to create, modify, and act upon cases and have complete control over them, meanwhile restricting them from altering the structure of a case system, duplicating, or deleting it. In a nutshell, if you want the flow member to do their job but not super-do it like the Admin, you can make them a Member inside a case system. Learn more about their privileges here.

For the request makers

There could be instances where you want the flow member to just make requests and not do much about it after they initiate the request. You can think of a 'Bug tracking' system where certain users get to only report bugs and collaborate on the bugs that are only raised by them. These people can be assigned to the "Initiator" role inside a case so that they can only create and access the cases that they had created or requested. Learn more about their privileges here.

For the contractors

We offer the "Restricted member" role to map the contractors in your business as part of the case systems you manage. A restricted member is someone who has restricted access and visibility to the data shared with them. i.e. They work on a specific task on a case without necessarily being part of the case system. Businesses that collaborate with vendors to get a chunk of their work done can make the best use of this role as part of their case management. Learn more about their privileges here.

Adding members and groups to a case system

  1. Navigate to the case for which you would like to add members.
  2. Click More options  > Share
  3. Click +Add members
  4. Type the name or email address of the user or group in the text area present under Select users and groups.
    1. You can also invite an external user who isn't a part of your organization to your case as part of the Share settings.
      1. Type the email address of the external user like the following and you'll see an Invite link below.
      2. Click the link to send an invite to the external user.
  5. Select a relevant role from the Role dropdown after adding the users. If you are not sure about which role to choose, learn about the different roles and permissions that the Case workflow offers here.
  6. Click Add.

Modifying a member's role

A member will lose their current set of privileges when they are downgraded to a role with fewer privileges.

  1. Navigate to the case page > Share.
  2. Click the More options icon beside a member's name.
  3. Change their role by clicking on the Make an admin, Make a restricted member, Make an initiator, or Make a member options as necessary. Click Remove to remove the flow member from your case system alternatively.
    1. When you modify a flow member's role to Initiator, you can choose to reassign the cases currently assigned to them as they wouldn't be able to collaborate on their cases after they become an initiator.
      To reassign the member's cases, select a user from the Reassign cases to dropdown in the pop-up window that shows up after you click Make an initiator. You can also leave the dropdown as is(i.e. not choose any user from the Reassign cases to dropdown) if you do not want to do the reassignment right away.
    2. When you modify the role of a specific group to Initiator, you can choose to reassign the cases currently assigned to the members of the group as they wouldn't be able to collaborate on their cases after they become an initiator.
      To reassign the cases assigned to the group members in bulk, select a user from the Reassign cases to dropdown in the pop-up window that shows up after you click Make an initiator. You can also leave the dropdown as is(i.e. not choose any user from the Reassign cases to dropdown) if you do not want to do the reassignment right away.

There could be instances where a few members of the group that was recently made an initiator have dedicated roles like an Admin or a member inside the same case system.The roles of such users will not be updated to "Initiator" as their direct/current privileges inside the case system are higher or powerful than an initator.

Do you know the role a user plays as part of a user group takes higher precedence inside a case system?

Yes, let us assume that a user by the name Jake Landon is a part of a group called "Product Managers" and you assign an Admin role to this group inside a case system. Now, if the Case Admin attempts to make Jake an Initiator or a Restricted Member inside the case where he is already an Admin via the group Product Managers, this attempt to get his role changed to an Initiator will not work. Jake will continue to play the Admin role in the case as his group has the Administrator privileges already.

i.e. If a flow member is made an Initiator, the privileges mapped with the Initiator role are applicable only if the flow member is not a part of any user group that's been assigned a higher set of privileges in the case system.

Refer to the following table to learn the differences between each of these roles that we support in a case system:

Permissions

Admin

Member

Initiator

Restricted member

Update case system settings

Y

-

-

-

Add or remove members

Y

-

-

-

Create, update, and delete cases

Y

Y

Y* (Can create cases and modify the ones created or requested by them )

-

Create, rename, and delete filters

Y

Y

Y

Y

Share custom filters

Y

-

-

-

Perform bulk actions

Y

Y* (Cannot bulk-delete)

Y* (Cannot bulk-delete)

Y* (Cannot bulk-delete)

Manage notifications

Y

Y

Y

Y

View audit log

Y

-

-

-

Archive and delete case systems

Y

-

-

-

Duplicate a case system

Y

-

-

-

Add, edit, and delete notes

Y

Y

Y

Y*(Only if the restricted member is the current assignee of the case )

View transitions and activity

Y

Y

Y

Y*(Only if the restricted member is the current assignee of the case )

Generate custom reports

Y

Only the reports that are shared with them

Only the reports that are shared with them

Only the reports that are shared with them

 


How did we do?