Skip to main content
Top

App Permissions

Jessica Peck
Updated

Set Permissions for My App

  1. From your app's dashboard, click on the name of your app in the top left corner of the screen.
  2. Select Permissions from the dropdown.

Screenshot showing the permissions menu under the app name

From here, you will be able to configure permissions for users that should have access to your app. This page and the permissions settings are divided into a few different categories. Below are descriptions of the types of roles found on the Permissions page that you may want to consider as you're sharing your app:

Administrators

Screenshot of administrator permissions

App Administrators include anyone that should have access to edit, update, or delete the app or its associated documents. Users can be added individually, by group, or by role. Groups and roles are created by your system administrator in the Kuali Groups area (see Creating and Managing Groups and Creating and Managing Roles).

  • If a group is given app administrator permissions, anyone that is part of that group will have all of the permissions you select here. 
  • If a role is given app administrator permissions, anyone assigned to that role will have all of the permissions you select here.

All Authenticated Users

Screenshot of authenticated user permissions

The permissions you configure in the "All Authenticated Users" section will apply to ALL users who are able to log in successfully to the system. Generally, the only permission you would select here is to allow users to "Create documents in this app," but this depends on the needs of your application.

All Anonymous Users

Screenshot of anonymous user permission settings

Anonymous Users in Kuali refers to any user that is unable to log in to the system. It is possible for you to share Kuali apps and forms with unauthenticated users, and the "All Anonymous Users" section on the Permissions page is where you give them access to create and submit forms in your app.  This will also automatically select the ‘allow anonymous submissions’ option in the Form share link so an anonymous sharing link is available (more info in the Sharing an App/Form article).

Note: If your form uses gadgets that pull information from the Kuali Users and Groups area or from an external integration, that information will not be available to an anonymous user for security reasons. Form submitters must login to the form to view that information.

Add New Role

Screenshot of custom role permission settings

While configuring permissions, you will notice that at the bottom of the page is the ability to "Add New Role." If there is a unique subgroup of people that should have permissions different from your App Administrators, Authenticated Users, or Anonymous Users, you may need to create a new role.

Creating a new role will allow you to configure the permissions for this audience just as you did with the other types of users (see screenshot below). You can also add specific users, groups, or system roles to this app permissions role. 

Screenshots of role permissions within an app

Note: A newly created role from an App Permissions page is only created for that app specifically. It does not create a new role in the Kuali Groups area. To create a new role that is available system-wide, you will want to have your system administrator create it in the Kuali Groups area.

Available Permissions 

App permissions has several different permission options available that allows you to customize your user experience. Below is a list of each permission and its description:

Administer, design, and publish this app:
This gives the user the ability to make edits to and publish a given app. It also gives the user the ability to delete an entire app.
Create documents in this app:
This allows the user to complete a form in an app. (Reminder: Completed forms in Kuali are called Documents). Usually this is the permission you want to extend to any end user that you want to fill out a form.
Read documents in this app:
This permission gives a user access to read any documents (completed forms) for a given app. It also gives the user access to the Document List.
Access the Document List
This will give users access to view the document list, but the ability to view individual documents will be based on the conditional permissions that are configured for those documents. This could mean that people may see an empty document list.
Update documents in this app:
This allows the user to make changes to any completed fields in a document (a submitted form).
Delete documents in this app:
This allows the user to delete any documents (submitted form) in an app.

Grant app access to large groups of people 

While individuals and small groups of people can be given access to apps using the Groups and Roles functionality, at times you may find it necessary to give large groups of people (800+) access to forms. For example, you may want to make a form available for all faculty on campus, but not students. Rather than using the Kuali Group functionality to give these permissions, we recommend using the Affiliations permission option (See Large Group Support (Affiliations) for more information).

Note: Within Affiliation options in permissions, you will see the <affiliation name> *all* as an option.  Each affiliation is stored as a role/organization pairing since some customers utilize multiple Organizations for their users - like the below:
eduPersonAffiliation=member;eduPersonOrgDN=main_campus
For example, Student:OahuCampus or Faculty:MainCampus. In some of those cases, you may select all Faculty:* to submit documents, regardless of their organization. That's the (*all*) part of that the affiliation options.  However, if your institution doesn't utilize multiple organizations, it won't pertain to your set up and can be ignored.

Related to

Was this article helpful?

0 out of 0 found this helpful
Return to top

Related articles

Comments

0 comments

Article is closed for comments.