Permissions | Kontent.ai Learn

When setting up your team in Kontent.ai, you create roles in your project and choose from several permissions. Each permission defines what your users can do within a project.This reference explains what each permission enables users to do.

Content production

Role permissions can be further refined by assigning roles in specific collections.

Content item permissions

The View ‌permission allows users to:

View content items in the project.
Move content items through their workflow (also depends on your workflow setup).
- Publish content items.
- Unpublish and archive content.
- Cancel scheduled content items.
View and compare older versions of content items.
Assign contributors to content items.
Set due dates for content items.
Add notes.
Add comments and suggestions.
Add, edit, delete, and resolve tasks.
Access Mission Control, which also includes Project overview and Editorial calendar tabs.
Access the Relations tab.

The Edit ‌permission allows users to:

Edit content items.
Work with item versions (also depends on your workflow setup).
- Create new versions of content items.
- Restore older versions of content items.
- Discard the latest versions of content items.
Work with custom elements used in content items.
Insert components to content items.
Approve suggestions.
Move items between collections.

The Create ‌permission allows users to:

Create new content items.
Duplicate content items.
Create new language variants of content items.
Convert components to items.

The Delete ‌permission allows users to:

Delete content items.

Asset permissions

The View permission allows users to:

View assets in the project.
Create customized versions of assets in content items.

The Edit ‌permission allows users to:

Modify asset descriptions.
Assign assets to collections.
Assign taxonomy terms to assets.
Edit asset codenames.
Create folders.

The Create ‌permission allows users to:

Upload new assets to the asset library.

The Delete ‌permission allows users to:

Delete assets.

Restrict access to specific content

You can allow users to work with all content or only the content items assigned to them. The role can be further defined by setting which specific content types and content groups the role can work with. If there are specific content types and content groups that you don’t want the role to work with, exceptions can be added to the role.

Active permissions and workflows

The content capabilities of a given role can be further restricted by your project's content workflows setup. For each workflow step, you can limit which roles can work on content in the given step and move it to the following steps. For example, if you want only Project managers to be able to publish content:

Set up your workflow steps so that only a single step transitions to the Published step; for example, a step named Approved.
Limit the Approved workflow step to the Project manager user role.

Content model

The Manage content types, asset type, and snippets permission allows users to:

View content types, content type snippets, and asset type.
Add, modify, and delete content types.
Add, modify, and delete content type snippets.
Duplicate content types.
Add, modify, and delete the asset type.

The Manage taxonomy permission allows users to:

View taxonomy groups and terms.
Add, modify, and delete taxonomy groups and terms.

The Manage sitemap permission allows users to:

Add, modify, and delete sitemap items.

Settings

The Manage environment permission allows users to:

Create new environments.
Manage environments.
Delete the environments in which the users are active.

The Invite and manage project members permission allows users to:

The Manage custom roles permission allows users to:

Add, modify, and delete custom roles.

The Manage workflow steps permission allows users to:

View the content workflow settings.
Add, modify, and delete workflows and their workflow steps.
Reorder steps in workflows.

The Manage spaces permission allows users to:

Add, modify, and delete spaces.

The Manage collections permission allows users to:

View and configure collection settings.

The Manage localization permission allows users to:

View the localization settings.
Add and configure project languages.

The Create a personal API key permission allows users to:

Create their own personal API key.
View the personal API key in Project settings.

The Manage development settings permission allows users to:

View and modify the codenames of content items.
View and modify preview URLs.
View, add, modify, and delete webhooks.
Set a default Home item in the Relations tab for every user in the environment.

The Access audit log permission allows users to:

View activity logs in the audit log.

Content production

Role permissions can be further refined by assigning roles in specific collections.

Content item permissions

The View ‌permission allows users to:

View content items in the project.
Move content items through their workflow (also depends on your workflow setup).
- Publish content items.
- Unpublish and archive content.
- Cancel scheduled content items.
View and compare older versions of content items.
Assign contributors to content items.
Set due dates for content items.
Add notes.
Add comments and suggestions.
Add, edit, delete, and resolve tasks.
Access Mission Control, which also includes Project overview and Editorial calendar tabs.
Access the Relations tab.

The Edit ‌permission allows users to:

Edit content items.
Work with item versions (also depends on your workflow setup).
- Create new versions of content items.
- Restore older versions of content items.
- Discard the latest versions of content items.
Work with custom elements used in content items.
Insert components to content items.
Approve suggestions.
Move items between collections.

The Create ‌permission allows users to:

Create new content items.
Duplicate content items.
Create new language variants of content items.
Convert components to items.

The Delete ‌permission allows users to:

Delete content items.

Asset permissions

The View permission allows users to:

View assets in the project.
Create customized versions of assets in content items.

The Edit ‌permission allows users to:

Modify asset descriptions.
Assign assets to collections.
Assign taxonomy terms to assets.
Edit asset codenames.
Create folders.

The Create ‌permission allows users to:

Upload new assets to the asset library.

The Delete ‌permission allows users to:

Delete assets.

Restrict access to specific content

Active permissions and workflows

Set up your workflow steps so that only a single step transitions to the Published step; for example, a step named Approved.
Limit the Approved workflow step to the Project manager user role.

Content model

The Manage content types, asset type, and snippets permission allows users to:

View content types, content type snippets, and asset type.
Add, modify, and delete content types.
Add, modify, and delete content type snippets.
Duplicate content types.
Add, modify, and delete the asset type.

The Manage taxonomy permission allows users to:

View taxonomy groups and terms.
Add, modify, and delete taxonomy groups and terms.

The Manage sitemap permission allows users to:

Add, modify, and delete sitemap items.

Settings

The Manage environment permission allows users to:

Create new environments.
Manage environments.
Delete the environments in which the users are active.

The Invite and manage project members permission allows users to:

The Manage custom roles permission allows users to:

Add, modify, and delete custom roles.

The Manage workflow steps permission allows users to:

View the content workflow settings.
Add, modify, and delete workflows and their workflow steps.
Reorder steps in workflows.

The Manage spaces permission allows users to:

Add, modify, and delete spaces.

The Manage collections permission allows users to:

View and configure collection settings.

The Manage localization permission allows users to:

View the localization settings.
Add and configure project languages.

The Create a personal API key permission allows users to:

Create their own personal API key.
View the personal API key in Project settings.

The Manage development settings permission allows users to:

View and modify the codenames of content items.
View and modify preview URLs.
View, add, modify, and delete webhooks.
Set a default Home item in the Relations tab for every user in the environment.

The Access audit log permission allows users to:

View activity logs in the audit log.

Explore your path to mastery

Find out how to properly configure roles and permissions for seamless and secure content production.

Multiple workflows and restrictions on the first workflow stepIf you have multiple workflows enabled in your project, role restrictions on the first workflow step work a bit differently. When a user creates a content item in a workflow where they can't work with the first step, the item gets created in the first step anyway but the user can't work with the item because of their role permissions. In case you don't have multiple workflows enabled, users whose role can't work with the first workflow step create content items in the first step they can work with.