Permissions

Jan Cerman, Martina Farkasova
5 minutes
Users & Roles
When setting up your team in Kontent.ai, you create roles in your project and choose from several permissions. Each permission defines what your users can do within a project.This reference explains what each permission enables users to do.
Explore your path to mastery

Content production

Role permissions can be further refined by assigning roles in specific collections.

Content item permissions

The View ‌permission allows users to: The Edit ‌permission allows users to: The Create ‌permission allows users to: The Delete ‌permission allows users to:

Asset permissions

The View permission allows users to: The Edit ‌permission allows users to: The Create ‌permission allows users to: The Delete ‌permission allows users to:

Restrict access to specific content

You can allow users to work with all content or only the content items assigned to them. The role can be further defined by setting which specific content types and content groups the role can work with. If there are specific content types and content groups that you don’t want the role to work with, exceptions can be added to the role.

Active permissions and workflows

The content capabilities of a given role can be further restricted by your project's content workflows setup. For each workflow step, you can limit which roles can work on content in the given step and move it to the following steps. For example, if you want only Project managers to be able to publish content:
  1. Set up your workflow steps so that only a single step transitions to the Published step; for example, a step named Approved.
  2. Limit the Approved workflow step to the Project manager user role.
Multiple workflows and restrictions on the first workflow stepIf you have multiple workflows enabled in your project, role restrictions on the first workflow step work a bit differently. When a user creates a content item in a workflow where they can't work with the first step, the item gets created in the first step anyway but the user can't work with the item because of their role permissions. In case you don't have multiple workflows enabled, users whose role can't work with the first workflow step create content items in the first step they can work with.

Content model

The Manage content types, asset type, and snippets permission allows users to: The Manage taxonomy permission allows users to:
  • View taxonomy groups and terms.
  • Add, modify, and delete taxonomy groups and terms.
The Manage sitemap permission allows users to:
  • Add, modify, and delete sitemap items.

Settings

The Manage environment permission allows users to:
  • Create new environments.
  • Manage environments.
  • Delete the environments in which the users are active.
The Invite and manage project members permission allows users to: The Manage custom roles permission allows users to:
  • Add, modify, and delete custom roles.
The Manage workflow steps permission allows users to:
  • View the content workflow settings.
  • Add, modify, and delete workflows and their workflow steps.
  • Reorder steps in workflows.
The Manage spaces permission allows users to:
  • Add, modify, and delete spaces.
The Manage collections permission allows users to: The Manage localization permission allows users to: The Create a personal API key permission allows users to: The Manage development settings permission allows users to:
  • View and modify the codenames of content items.
  • View and modify preview URLs.
  • View, add, modify, and delete webhooks.
  • Set a default Home item in the Relations tab for every user in the environment.
The Access audit log permission allows users to: The Manage custom apps permission allows users to:
  • View the custom app settings.
  • Add, modify, and delete custom apps.