Every time you add a new account user who can log into your BlueTally instance, you can assign them a Permission Level to grant or limit the access you would like to have. By default, we offer the following Permission Levels:
Administrator: These users have full access to the account. They can manage the account settings, invite and manage other account users, enable 2FA, and handle all forms of data entry on your BlueTally instance.
Manager: These users can create, read, update, and delete data entries on your instance. They can also check items in or out. They cannot change or update any account settings across your instance.
Operator: These users can only view items and check items in or out. They cannot edit, create, or delete any data.
My Items & Direct Reports Items (only available on our Corporate subscription): these users can only view items checked out to themselves and their direct reports if they manage other employees at your organization. Learn more by reading the My Items Permission Level article in our Knowledge Base
While these default permission levels may cover a lot of ground, we understand that you may need something more specific for a certain user or a group of users. Our Custom Permission Levels module will let you set a user's access with far more specificity, such as limiting access to Assets within a specific Location or Department, specific fields of data they can edit, and much, much more!
Creating New Permissions
First, navigate to the Custom Permission Levels section in your account settings and click the blue Create New button.
This will redirect you to the New Permission Level page, where you can begin to use the more granular settings to determine the specific permission you need to set.
At the top of the page, you'll see that you can give your Permission Level a name. For what we'll create as an example for this article, we'll name it "Custom User Group A".
Filters for Assets, Accessories, Consumables, Components, and Licenses
For Assets, Accessories, Consumables, Components, and Licenses, you can set specific filters for which items the user should be able to interact with. As an example, you could limit a user to interact with Assets only found within the New York Office and Human Resources Department, as shown in the screenshot below:
You can give a user access to multiple entries within one filter group as well. If we wanted this user to access Assets within the Palo Alto Office and the Finance Department, we could simply add them as an additional tag under each respective field.
Each section of items has a different set of filters you can apply for your custom permissions.
For Assets:
Statuses
Suppliers
Locations
Departments
Products or Product Categories
Product Manufacturers
Product Depreciations
For Accessories, Consumables, and Components:
Categories
Manufacturers
Suppliers
Locations
Departments
For Licenses:
Categories
Manufacturers
Suppliers
Locations
Depreciations
Departments
Permissions for Assets, Accessories, Consumables, Components, and Licenses
With Assets, Accessories, Consumables, Components, and Licenses, you can grant your users access to the following actions or permissions:
View (visibility on fields of data)
Edit (ability to edit fields of data)
Create (ability to add new data entry, such as a new device for Assets)
Delete (ability to remove data entry)
Checkin (return an item to your inventory, not available for Consumables)
Checkout (assign an item to a designated recipient)
Export (generate an Excel sheet with the data visible in the section)
The toggles next to each function will allow you to enable or disable each specific permission.
If we continue with the custom permissions we were creating above for Assets, we could limit which functions this user could perform for these Assets. We could allow them to view, edit, and export the data for our Assets, as well as check them in or out, but we want to restrict them from being able to create or delete anything. We would set the toggles as they are shown in the photo below to achieve this:
For View and Edit permissions, we can use the additional columns of toggle options to further customize the specific fields that we want our users to see or edit. We'll restrict them from viewing Intune details and editing the Location or Department fields by setting the toggles as shown in the photo below:
Additional Notes for View and Edit:
If you disable the toggle for View in the left column, it will disable all permissions.
If you disable the toggle for Edit in the left column, it will disable all Edit permissions in the right column.
Permission Levels for Other Sections
While you can only set the granular permission levels for the five sections we've talked about previously, you can set general access permission levels so that your users can View, Edit, Create, and/or Delete data for these sections.
These sections include:
Products
Maintenances
Audits (Perform and Schedule take the place of Edit and Create)
Locations
Employees
Categories
Manufacturers
Suppliers
Statuses
Departments
Depreciations
Kits
Additional Note for View Permission: If you disable the toggle for the View permission on a particular section, it will disable the remaining permissions for that section.
Other Permissions
The last box on the New Permission Level page, titled Others, contains a variety of additional functions that you may want to allow or restrict depending on what you want this group of users to do in BlueTally:
Import: manually import data to BlueTally using our Excel Import feature
Activity Report: access, filter, and export the Activity Report
Asset Report: access, customize, save & schedule, and download Asset Reports
Depreciation Report: access and export the Depreciation Report
Due Back Report: access, filter, and export the Due Back Report
End of Life & Warranty Report: access, filter, and export the End of Life & Warranty Report
Offboarding Report: access, filter, and export the Offboarding Report
Billing: access the Billing tab containing information about your subscription, receipts, and billing information
Notifications: ability to receive alerts when Dashboard events occur
Dashboard: ability to see the Dashboard on the landing page
Support Chat: ability to use the Intercom widget and chat with our support team. If disabled, the Intercom icon will not appear in the lower right-hand corner of their screen when they log into BlueTally
Recycle Bin: ability to see items that are currently in the Recycle Bin. Those with this permission enabled will also be able to restore any items from the Recycle Bin to the main inventory
Settings Administrator: ability to manage account settings for your BlueTally settings, like those at the Administrator permission level
Final Step for Creating a New Custom Permission Level
Once you've configured all the specific elements of the Customer Permission Level, you can click the blue Save button at the bottom of the page.
There's another Save button at the top of the page, just below where you named your Permission Level.
Once your Permission Level has been saved, you'll be redirected to your Settings page, and a confirmation in a green box will appear.
You'll also be able to find your new Permission Level listed along with the other Permission Levels when you visit the Custom Permission Levels section in your Settings.
Assigning a Custom Permission Level to Your Account Users
Now that we've finally created our Custom Permission Level, we need to enable it for the Account Users who should have these unique permissions.
For Users Already on Your BlueTally Account
First, navigate to the Account Users section in your Settings, then click on "View Account Users".
You'll be able to view all the Account Users and their current Permission Levels on the Account Users page. Click the pencil icon in the Edit column to change the Account User details. We'll be changing this for Custom User 1.
While on the Edit User page, you can then update any of the details about this Account User. Click on the field for Permission Level to see a dropdown menu of your available Permission Level options.
Once the dropdown menu appears, you'll be able to scroll through all of your available Permission Levels. In this example, we'll select Custom User Group A.
Once the correct Permission Level has been selected, click Save.
A confirmation message in a green box will appear to let you know that the User's information was updated successfully. At this point, Custom User 1 will only be able to access the specific parts of your company's BlueTally account as designated by the Customer Permission Level we created!
When Inviting New Users
The above instructions are useful when an Account User already has access to your BlueTally instance. However, you can assign new users to your Customer Permission Level in the same process you use to add or invite a new Account User!
While in the Account Users section of your Settings, we'll use the Invite a new user portion of the screen. First, enter the Account User's name and email address, then click the Select Permission Level field to make a dropdown menu appear.
Then select the desired Permission Level from the dropdown menu.
Once this has been selected, click the blue "Invite" button.
The Settings page will then refresh, and a green confirmation message will appear to ensure that the User was invited successfully.
You can then return to your Account Users page to see the new user with their Custom Permission Level successfully added to your account!
Frequently Asked Questions
Can I assign Custom Permission Levels if I add new users through our SSO integration?
Yes, but the process is slightly different. When you add new users via SSO, they'll initially be assigned the default permission you enabled for your integration. After the user has signed into BlueTally for the first time, you can then edit their Permission Level from the Account Users section as detailed above.
You can read more about inviting new users via SSO by reading our SSO integration article.
Can I set up custom permissions for Custom Fields?
Unfortunately, this is not currently possible.
Is this feature available on all subscriptions?
Custom Permission Levels are available on our Business, Corporate, and Enterprise plans. Unfortunately, we cannot provide Custom Permission Levels on our Starter plan.