In the Betty Blocks platform, roles and permissions are key components that control access and define what users can do within different parts of the system. Depending on the level of access, you can manage roles and permissions across various areas of the platform, ensuring that users have the appropriate rights to perform their tasks (in the runtime applications) while builders can maintain security and governance during the building process (design time).
Application level (runtime)
This is the lowest level of access within an application, where you define what users can do within the application itself during runtime (live application).
Access: As an application admin, you can manage roles and permissions by navigating to Tools > Roles and permissions. Here, you can create new roles and assign specific permissions, such as whether a role can 'read' particular data models.
Usage: The 'read' permissions for data models are set within the Roles and Permissions section, while others, like Create, Update, and Delete permissions are managed via the Actions.
Default roles are admin and public.
For example, below you can see how we reached the individual 'Delete webuser' action's Settings > Permissions to restrict the Webuser role from being able to delete other webuser records.
More information about this topic can be found in What are model permissions?
Application development level (design time)
This level also deals with the application but focuses on the development phase. It controls who can access and modify specific features during the application-building process.
Access: Managed by navigating to Organizations (1) > My organization > Roles and permissions > Application development roles (2).
Usage: This ensures that only authorized developers can make changes to the application structure and functionality during the building process in Pages, Models and Actions.
Default application development roles are low-code developer, business technologist, and citizen developer.
Learn more about the application development roles in Role-based application access.
Organization level
This level involves broader permissions affecting the entire organization. It controls who can perform significant actions, such as creating new applications or inviting new users to the organization.
Access: Managed by navigating to Organizations > My organization > Roles and permissions.
Roles: Default roles include admin and member.
See how you can manage your organization roles in Managing organization roles article.
Company level
The company level is the highest level of permissions within Betty Blocks, governing overarching settings like who can export company data and manage company-wide configurations.
Access: These permissions can be edited if you have company admin rights, accessible via the company settings: Company (1) > Roles and permissions tab (2).
Roles: Default roles include Admin, Member, Company Manager, and Toolkit Manager, ensuring that only authorized users can perform critical company-wide operations.
Look up the permissions available on organization and company levels in Roles and permissions reference document.