User Administration: Security Roles

This article explains the different roles that can be associated to a user account. The roles determine what a user can access and what functionalities they can perform.

Note that only users with the User Administrator role can set the roles on a user account. 

Fluid Administration

The key component in any organisation is structure. The ability to shape and put in place the correct format forms part of the administrative role. 

Administration roles provide users with ability to access the different administrative sections that are included in Fluid. Administrative pages can be accessed by clicking on the user profile (located at the top right corner of the navigation panel).

Role	Description
Application Administrator	User accounts with this role have access to the entire Fluid instance to manage and administer system configuration and settings including - data, financials, timesheeting and user accounts.

Fluid Access Role

User roles provide access to Fluid and form part of the starting point for users on the system. 

Role	Description
User	The User role provides general access to Fluid. This is the minimum role requirement for a user to be able to log into Fluid.
User Administrator	Manage and oversee user accounts. This includes creating new user accounts, modifying existing accounts, granting or revoking access permissions, and managing user roles . User administrators ensure that users have the necessary access to the resources they need to perform their job functions while maintaining security and compliance with organizational policies and regulations. In addition, the user administrator is able to edit the user domains that are accepted in the instance using Team Sign Up through the Administration Console. You can learn more about creating user accounts here, about resource plan upload here and about team sign up here.

Project Roles

As an intricate part of organisations, the Project sections forms part of the driving component for managing and executing crucial processes. 

Project roles provide users with ability to access the different key features within the project workspace that are included in project management. The following are the different security roles that are aligned with projects:

Role	Description
Project Access	Users must have the Project Access role in order to use the Fluid Projects module. Note that whilst the Project Access role gives users access to the Projects module, it does not give them the ability to create projects or access all project functionalities. Additional roles are required as explained below.
Project Viewer	Users with the Project Viewer role can access ALL projects. Without Project Viewer access users need to be explicitly added to a project to be able to access it. This role should therefore be assigned to any users who need to have access to all projects across the organisation.
Project Submission	Only users with project submission role can create new projects or programs using the user interface or the project bulk edit functionality. Use this role to restrict who can create projects on your instance. You can learn more about creating projects here and about project upload here.
Financials Access	Users with the Financials Access role have access to the financials section of the project workspaces, as well as any Financial reporting. You can learn more on financial reporting and editing financials here.
Resourcing Access	Users with the Resourcing Access role have access to creating team members and allocating time to resources via the Community (resourcing) section on the interface or the resource forecast bulk edit functionality, as well as any Resource reporting. You can learn more about creating team members here and about resource forecast upload here.
Benefit Access	Users with the Benefits Access role have access to the Benefits and Ongoing Costs sections as part of the financials component for providing either qualitative/quantitative benefits to the respective , as well as any Benefits and Ongoing Costs reporting.
Accountable Executive	The accountable executive role is used for reporting purposes, especially when reporting on missing resource forecast or timesheet compliance. Add this role to any user who are the accountable executives in your organisation.
Project Administrator	Administrative accounts with this role have full edit rights to all registered projects in Fluid. They are able to update and manage any projects and configure project settings through the Administration console page.
Financial Administrator	Administrative accounts with this role have access to the financial administration page to do bulk editing of data and the management of portfolio financial data - as well as make changes to finance related elements of the system configuration.
Data Administrator	Administrative accounts with this role have access to the data administration page to do bulk download of data, edit and upload of project information and financials.

Timesheeting Roles

Timesheeting roles provide users with ability to access the different features that are included in timesheets and timesheet management. The following are the different security roles that are aligned with timesheets.

Role	Description
Timesheet Exempt	Users with Timesheet Exempt role are exempt from submitting timesheets from a timesheet compliance point of view. This means that they can submit timesheets the timesheets are not included in the timesheet compliance metrics.
Timesheet Administrator	Users with this security role have access can configure the timesheet module and manage (edit / approve, recall, etc.) any timesheets in the system.

An account with no roles associated to it is known as a 'ghost' account. Ghost accounts are used when a person needs to be represented in Fluid to be added to projects, meetings, boards for reporting purposes, but is not expected to access Fluid. Without any roles assigned to it an account cannot be used so these accounts are not licensed.