Skip to content
English
More support
Contact us
  • There are no suggestions because the search field is empty.

🛡️ Roles & Permissions Overview

This article explains the available roles in the user profile, their permissions, and use cases. You will learn when to assign System Administrators, Cascade Admins, or Team Administrators – and what to consider for External Users.

🔍 Contents

  • Available roles at a glance
  • Role comparison
  • Role: System Administrator
  • Role: Cascade Admin
  • Role: Team Administrator
  • Role: External User
  • Tips & Best Practices
  • FAQ

Available roles at a glance

In the user profile, the following options can be selected under “Role (global)”:

  • None – Standard user without admin rights

  • System Administrator – Full access to all system areas

  • Cascade Admin – Restricted admin access to assigned cascades

  • External – Limited access (e.g., suppliers, consultants)

Additionally, there is the Team Administrator role, which is assigned in the Team Management section (not via the global dropdown).

Role comparison

Role Scope Typical tasks Restrictions
System Administrator entire system global settings, user & role management, create/delete teams none
Cascade Admin defined cascades manage users & teams within assigned cascades, local administration no global permissions
Team Administrator a single team add users to a team, create sub-KPIs, manage views & templates no rights outside the team
External User selected areas work in assigned teams, limited access to content no admin rights

Role: System Administrator

System Administrators have unrestricted access to all system functions, teams, and users. They can:

  • Change global system settings

  • Manage users

  • Assign roles

  • Create and delete teams and content

⚠️ Caution: This role should be granted sparingly, as it includes full visibility and unrestricted editing rights.

Role: Cascade Admin

Purpose & use cases

The Cascade Admin role is designed for organizations with multiple locations or departments. It allows local administrators to be defined without giving them access to global areas or sensitive data.

✨ Tip: Ideal for matrix organizations, international enterprises, or large business units.

Permissions & restrictions

Area Allowed Restricted
System settings Access to KPIs, List Editor, Teamboards, categories No access to global security settings
Team management Manage assigned cascades (including sub-teams) No changes outside assigned cascades
User management Create & edit users within assigned cascades Cannot assign “System Administrator” or “Cascade Admin”
Dashboard & navigation Access to teams in assigned cascades Content outside cascades is disabled
Email notifications Receive & confirm hometeam requests for assigned teams No visibility of other requests

ℹ️ Note: Cascade Admins only have visibility and permissions for the assigned cascades. Outside these areas, they act as regular users.

Assigning & editing

  1. Open the desired user profile.

  2. Select “Cascade Admin” from the “Role (global)” dropdown.
    📸 Screenshot: Selecting the role in the user profile

  3. Click “Select cascade(s)” to choose one or more cascades.

  4. The selection appears as chips below the button. You can adjust them via “Edit selection”.

  5. Changes take effect only after clicking “Apply changes” in the top right corner.

⚠️ Caution: At least one cascade must be selected; otherwise, the role cannot be saved.

Role: Team Administrator

Team Administrators have full administrative rights within a single team. This role is assigned in Team Management, not globally.

Tasks of a Team Administrator:

  • Add existing users to the team

  • Add KPIs defined by the System Administrator

  • Create sub-KPIs

  • Create and manage views within the team

  • Create templates in the process board

ℹ️ Note: A user can be both a Team Administrator and a Cascade Admin. In the team view, they will be displayed as a Cascade Admin to avoid duplicates.

Role: External User

External Users have limited access to content and functions. This role is typically used for guests, external partners, or temporary staff.

✨ Tips & Best Practices

💡 Best practice: Assign at least one Team Administrator or Cascade Admin per area to ensure decentralized management – especially in larger organizational units.

⚠️ Caution: Grant System Administrator rights only to users with global responsibility. This role provides unrestricted access to the entire system.

✨ Tip: Use the “External” role specifically for partners or service providers, and document their authorization (e.g., in a project contract or NDA).

âť“ FAQ

How does a Cascade Admin differ from a System Administrator?
A System Administrator has unrestricted global access. A Cascade Admin only has access to explicitly assigned cascades.

What is the difference between a Team Administrator and a Cascade Admin?
A Team Administrator has rights within a single team. A Cascade Admin has rights across multiple teams within a cascade.

Can a Cascade Admin create new users?
Yes, but only with the roles “None” or “External” and only within assigned cascades.

How can I see which cascades a Cascade Admin has been assigned?
They are displayed as chips in the user profile under “About me.”

Can multiple Cascade Admins or Team Administrators be assigned?
Yes, as many as needed – e.g., per location or department.

What happens if the “Cascade Admin” role is removed?
All assigned cascades and related permissions are automatically removed.