| Info |
|---|
TeamForm has defined user access groups, which provide access to parts of the application. It also has additional user-based access controls which further defines information and functionality available based on user. |
TeamForm Access Groups
The below Roles / Groups are to be created on the customer Identity Access Platform, once setup they can then be provided and mapped into TeamForm so that the two are connected.
TeamForm Access Group | Access | Functionality |
|---|---|---|
Directory (typically given to all team members) | Directory Only | Directory view (for default workspace only):
|
Power (typically given to leaders of teams, to enable team and work planning) | Directory and TeamForm App | Directory plus TeamForm app (for default workspace only):
|
Admin (Typically given to TeamForm Admins) | As above plus admin controls |
|
Reporting (typically analyst / reporting, some leadership roles, admin roles) | TeamForm reporting |
|
TeamForm Support | All of above plus dev tools |
|
...
User Home
A user can be shown a personalised landing page in both App & Team Directory.
TeamForm needs to be able to link a user’s auth0 account to person data stored in the teamform-api backend. The mechanism for this is email address matching.
...
When a user makes a request we attempt to match the email on their auth0 profile to the email addresses that we have imported. We first try an exact match, and then a lowercase match.
...
Troubleshooting
ensure the person data returned from the backend has the id attribute. The easiest way is to use
devtoolson Chrome or Firefox and inspect the person → -> attributes payload on the network tab.ensure the user’s email on their auth0 user matches what we’ve stored in the backend. Use the auth0 webapp web app to see the user’s email address.
The feature can be tested by performing an import that has your own email address as an attribute, and then visiting Team Directory or App.
Group Access Restrictions
A user can be restricted from accessing groups (i.e. teams) within planner, forecast and teambuilder. A user will also be prevented from downloading to csv any teams to which they do not have access.
To enable group access restrictions on a workspace, go to Configure Workspace → Group access:
...
Once this is toggled on, only admins will be able to see all groups via planner etc.
To grant users access to groups, an import needs to be performed that specifies the group ids that they can access. They will have visibility of these groups and any of their children.
The ids need to be under a column or mapped to a column named AccessGroupIds. Multiple group ids can be provided, separated by a ; delimiter.
Example CSV import:
...
PersonID
...
Attributes:id:email:Email
...
AccessGroupIds
...
48066180
...
firstname.lastname@companyname.com
...
XXXX1234;YYYY1234;ZZZZ1234
This CSV file then needs to be imported using a File Upload → Data integration.
...
...
Workspace Access Restrictions
When there is more than one workspace, a user can be restricted from accessing one or more workspaces.
To enable workspace restrictions a workspace, go to go to Configure Workspace → Workspace access:
...
Once this has been enabled, users can be granted access to the workspace with an import that specifies their email address which needs to match their user login.
Example CSV import
...
emails
...
Further restrictions you can apply
| Child pages (Children Display) | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
Related information
| Filter by label (Content by label) | ||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...