<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=691116991096043&amp;ev=PageView&amp;noscript=1">
Skip to content
  • There are no suggestions because the search field is empty.

User Management Definitions

This article will give a detailed overview of the User Management Definitions available within Gatekeeper when setting up your user base, including roles and permissions.

Restore Visibility

Estimated Read Time: 4 Minutes

Sections in this article:

For steps on how to manage users in Gatekeeper, please read User Management

This article will provide a description of each of the available user management definitions within Gatekeeper.

To learn more about the user management definitions, watch the tutorial or see the tables below:

Roles

Roles define what actions the user can perform when navigating Gatekeeper.

Role Description
Administrator Write access. They can add, delete, and edit data.
Collaborator Read-only access. They can perform some actions, such as adding messages or files. See Collaborative Functions for a full breakdown of what actions they can perform.
Custom Role Based Access Controls (RBAC) defines custom roles. This gives a greater level of granularity to user permissions. RBAC is included in all Enterprise Plans, and can be purchased as an additional module for Contract Now, Pro, and Essentials Plans.
Employee Portal Only***

This provides a more restrictive level of access. Users have minimal visibility of contracts and vendors, but can submit requests via the Employee Portal. You cannot downgrade users to Employee Portal Only if they have already been granted access through one of the other roles.

This requires the Employee Portal add-on module. For further information, please speak to your Account Executive or Customer Success Manager.

Collaborative Functions

For a detailed breakdown of the functions available to Global Collaborators, see the below table:

Global Collaborator Access Rights
Action Access Rights
View contract and vendor records
View all files in Gatekeeper
Edit file names
Download existing files
Upload new files
Edit contract and vendor records (e.g., Expiry Date, Legal Name, Company Number)
Create new contract/vendor records
Export data from contract and vendor repository
Send messages to other users
Create events

 

Permissions

Permissions define what a user can see when navigating Gatekeeper i.e. which records they have access to.

Permission Description
Global Users can see all data in your tenant, including contracts, vendors, teams, categories, and entities.
Own Team Users can only see contracts and their associated vendors based on the team they have been assigned.
Owned Only Users can only see objects that they are explicitly set as an owner of. See Owned Only Access for a full breakdown of this permission.

Owned Only Access

For further details on Owned Only Access, see the description and diagram below:

Owned Only Access Breakdown

Each object (entity, category, team, supplier, or contract) can have assigned owners (also known as managers). Users with the Owned Only permission will have access to objects they directly own. They may also gain access to related objects through secondary associations.

Contracts are at the base of the data structure. They link to vendors, teams, categories, and entities. This structure allows access for Administrators to be inherited based on associations.

See the below diagram for further details and examples:

User Permissions Diagram

 

Workflow Groups

Workflow Groups are used to set ownership within specific workflow phases. They can be set up as static groups of users. For example, the 'IT Team' Workflow Group may contain all IT Team members who are required to interact with an explicit phase within a Workflow. 

For additional information on the difference between standard permissions and workflow permissions, see Workflow Authorisation Overview.

eSign Permissions

eSign Permissions determine which users can send a document for eSign, and who can be set as a Signatory.

eSign Permission Description
eSign Sender Allows this user to send documents for eSign.
eSign Signer Allows this user to be set as an authorised signatory within eSign.

Vendor Permissions

Vendor permissions allow users to view vendor records without providing access to the related contract records. 

Vendor Permission Description
Global Vendor Administrator This user will have administrator (read/write) privileges to all vendor records.
Global Vendor Collaborator This user will have collaborator (read) privileges to all vendor records.

Additional Permissions

This area enables a user to be provisioned with additional permissions.

Additional

Additional Permission Description
Users* Enables a user to manage user access rights and permissions in Gatekeeper (including their own access).
Configuration* Grants access to the Configuration area, allowing them to amend the settings in Gatekeeper.
History Grants access an unrestricted history of all user activity in Gatekeeper.
Reports Enables a user to run and export reports on all data within Gatekeeper.
Workflow Administrator Enables a user to manage all Workflows within Gatekeeper.

* These additional permissions are only available to users who have the Administrator Role and the Global Permission.