Permission Matrix
An overview of R1 Discover's Roles and Permissions
Overview of Roles and Permissions
In R1 Discover, managing user access and permissions is a critical component for maintaining the security and integrity of the system. The platform is equipped with a set of roles and permissions that allow Super Admins to assign varying levels of access to accounts based on their roles within the organization. This guide outlines the steps for managing roles and permissions within R1 Discover.
Understanding Roles
Roles in R1 Discover are predefined sets of permissions that allow users to perform a certain scope of actions within the platform. The roles are hierarchical, providing layers of access that range from broad system-wide administration to specific, limited interactions.
Available Roles:
Administrators: R1 Discover Admins have the ability to both take activities in the system, but also view the data and results of users and other admins activity in the system. What they can see is determined by their role and permissions:
Super Admin
Has full access across the board, including taking activities, creating other accounts, viewing data, and managing all settings.
Lead Admin
Able to view activity data, activity results, and create new accounts for both users and admins. Lead Admins can also take activities for themselves and track their own progress.
Lead Admins are limited to seeing Users & Admins at the intersection of their Location and Program assignments.
Lead Admin Read:
Same permissions as Lead Admin for viewing activity data and reports for Users/Admins, however unable to create new User/Admin accounts.
Admin:
Able to view activity data, activity results, and create new accounts for users only, no insight into other Admin activity.
Admins are limited to seeing Users at the intersection of their Location and Program assignments.
Admin Read:
Same permissions as Admin for viewing activity data and reports for Users, however unable to create new User accounts.
Users:
Users are able to take activities, view their own results, and track their own progress.
Users are only able to take activities that are aligned to their assigned program.
Assigning Roles
All Users are automatically assigned the role of 'User', it's the only possible assignment for them.
Roles are selected for Administrators with the User Role field. Roles can be assigned for Admins during the account creation process or by choosing to edit an existing account.
Read about Creating an Admin here
Read about Editing an Admin here
Using the Permission Matrix
The permission matrix is a visual representation of what each role is permitted to do within R1 Discover. It is included in this documentation for easy reference. Here's how to interpret the matrix:
An 'X' mark indicates that the role has the permission to perform the action associated with that line item.
A blank space signifies that the role does not have the permission.
It is important to review the matrix thoroughly to understand the implications of each role and ensure the right levels of access are given to the right users.
Best Practices
Regularly review and update roles and permissions to align with organizational changes.
Limit Super Admin roles to a select few to maintain system security.
The primary difference between 'Lead Admin' and 'Admin' roles are that the 'Lead Admin' roles have the ability to see other Administrators in addition to Users.
'Admins' can ONLY see users.
Both 'Lead Admins' and 'Admins' will ONLY see accounts they are permissioned to see based on program/location assignments.
The 'Lead Admin Read' and 'Admin Read' roles have all the same permissions as the standard roles outside of creating/editing User/Admin accounts.
Last updated