User Access by secondary association

For background please read the How to - User Management guide.

Core Data Structure

We recommend reading our article 'Introducing Gatekeeper' which outlines the data structure.

As shown in the core data structure diagram, Contracts are the base object that are linked to the other core objects: Suppliers, Teams, Categories and Entities, this data structure enables access to contracts to be provisioned by association.

Secondary Association

Secondary association is the link between the core objects: Entities, Categories, Teams & Suppliers, as none of these are directly linked to each other, they are associated to each other via the Contract instead.

Object Hierarchy
Object hierarchy is relevant when considering the Administrator role with Secondary Associations.

The hierarchy from top to bottom is as follows:

Level 4 - Entities
Level 3 - Categories | Teams
Level 2 - Suppliers
Level 1 - Contracts 

Note. Categories & Teams are both on Level 3

This is best explained with examples.

Example 1 - User has the role 'Administrator' & role permission 'Own Team'

Level 4 - Entities
Level 3 - Categories | Teams
Level 2 - Suppliers
Level 1 - Contracts 

This gives the user Team Level 3 access, which means they will be an administrator of the Team they are in and all objects in lower levels that they have access to. They will also have access to other objects at level 3 (Categories) and level 4 (Entities) but only Collaborator access.

Example 2 - User has the role 'Administrator' & role permission 'Owned Only' and they have been made the owner of Contracts

Level 4 - Entities
Level 3 - Categories | Teams
Level 2 - Suppliers
Level 1 - Contracts 

This gives the user Level 1 access, which means they will be an administrator of the Contracts they are the owner of. They will also have access to other objects at all other levels 2, 3 & 4 but only collaborator access.

Example 3 - User has the role 'Administrator' & role permission 'Owned Only' and they have been made the owner of Suppliers

Level 4 - Entities
Level 3 - Categories | Teams
Level 2 - Suppliers
Level 1 - Contracts 

This gives the user Level 2 access, which means they will be an administrator of the Suppliers they are the owner of and all objects in lower levels i.e. Contracts that they have access to. They will also have access to other objects at all other levels 3 & 4 but only collaborator access.


If you would like any support in this area, please don't hesitate to get in touch with us.