Integration Access Scoping
Learn how to control who can create and use integration connections
Requires an upgraded subscription
This feature is available with our Team and Enterprise plans. View our plans or book a demo for more details.
You can control which users can view integration connections and how they're able to interact with them by assigning integration role permissions via a custom workplace role or by directly applying them to a user or group from the integration management page itself.
Permissions
There are several custom role permissions related to integration access scoping.
Workplace Role Permissions
| Collaborator | Admin | Owner | |
|---|---|---|---|
| View All Integration Connections | β | β | β |
| Use All Integration Connections | β | β | β |
| Manage All Integration Connections | β | β | β |
| Create Integration Connections | β | β | β |
Having "View All Integration Connections" essentially amounts to having the "Viewer" integration role on all integrations. "Use All Integration Connections" provides the "Consumer" integration role. "Manage All Integration Connections" provides the "Admin" integration role. To limit users to manually assigned permissions, you can use a custom role without any of the above permissions and add users and groups to an integration connection directly.
Workplace roles will override the integration role assigned to them at the integration connection level (highest privilege wins). For example, if a user with the "Collaborator" workplace role is assigned the "Viewer" or "None" integration role, they will still effectively have the permissions of the "Consumer" integration role due to the workplace role permissions the user has. For more fine-grained control, you'll want to use custom roles.
Project Role Permissions
The project permission is what allows a user to create syncs using the integration connection. Although not specifically related to integration access scoping, the user will not be able create or manage syncs unless granted this permission by their role.
| None | Viewer | Collaborator | Admin | |
|---|---|---|---|---|
| Manage Syncs | β | β | β | β |
Integration Role Permissions
When adding users or user groups to an integration connection, you can assign an integration role.
| None | Viewer | Consumer | Admin | |
|---|---|---|---|---|
| View Integration Connection Details | β | β | β | β |
| Create Integration Syncs | β | β | β | β |
| Manage Integration Connection | β | β | β | β |
Assigning integration roles
To assign roles for an integration:
-
Browse to the Integrations area of the dashboard.
-
Find the integration connection you want to assign access for and click into the detail view.
-
Scroll down to the Member Access area of the detail view and click the + button to add additional users or user groups.
Users who already have access due to their workplace role may already show up here and won't be removable without first adjusting their role. You can adjust the integration integration role assigned to these users, but you can't decrease their access below what their workplace role is already providing. However, you can increase it (e.g., "Consumer" to "Admin").
-
Add the users and/or user groups you want to add to the integration and the integration role you want to assign them and then click the Add Members button.
Removing integration roles
To remove integration access for a user:
-
Find the user in the Member Access area.
-
Click the red Remove link to the right of them.
If the user has access to the integration from their workplace role, then the Remove link will be grayed out and unavailable.
Updated 22 days ago