Set up platform permissions
Role: Admin 🛡️
After creating users, the administrator defines the permission scopes for the system. Each permission is an access control unit at the API level — it specifies which actions are allowed and at which level within the platform.
Core concepts
Each permission has four main attributes:
| Attribute | Meaning | Example |
|---|---|---|
Permission Name (permCode) | Short identifier | VIEW_PROJECT, GENERATE_BRD |
| Unique Scope Key | Scope string in the form resource:action, used for permission matching | project:read, artifact:generate |
| Level | The level the permission applies to | System Admin, Knowledge Owner, Task Manager, Task Executer |
| Status | Whether the permission is enabled or disabled | Active / Inactive |
The four Levels:
- System Admin — full system administration privileges (create/delete users, projects, platform configuration).
- Knowledge Owner — manages the project's background documents and knowledge base.
- Task Manager — coordinates work, assigns tasks, and tracks progress.
- Task Executer — executes tasks: generates artifacts, reviews, updates status.
How-to
In the sidebar, select Permissions under the System Management group.
View the existing permissions list
The screen lists all permissions with columns: Name, Description, Level, Unique Scope Key, Status. Use the "Search permissions..." box to filter by name, description, or scope key.
Create a new permission
-
Click "Add Permission".
-
Fill in the form:
Field Required Notes Permission Name Yes Identifier written in UPPERCASE with underscores (e.g. MANAGE_USERS)Unique Scope Key No Form resource:action(e.g.user:manage); must be uniqueDescription No Short description of the permission's purpose Level No Choose from dropdown: System Admin,Knowledge Owner,Task Manager,Task Executer(default:System Admin)Status Yes Toggle: on = Active, off = Inactive -
Click "Add Permission" to save.
Edit a permission
Click the pencil icon ✏️ on the row you want to edit → update the information → click "Update Permission".
Delete a permission
- Delete a single permission: click the trash icon 🗑️ → confirm.
- Bulk delete: tick multiple rows → click "Delete Selected" → confirm.
Bulk Import/Export
Import:
- Click "Actions" → "Download Template" to get the sample CSV file.
- Fill data following the exact columns.
- Click "Actions" → "Import Permissions" → choose the CSV file.
- The system validates and reports errors by row number if there are any.
CSV import file structure:
| Column | Required | Sample value |
|---|---|---|
NAME | Yes | VIEW_PROJECT |
DESCRIPTION | No | Allows viewing project details |
LEVEL | No | Task Manager |
UNIQUESCOPEKEY | No | project:read |
STATUS | No | ACTIVE or INACTIVE |
Export: Click "Actions" → "Export Permissions" to download a CSV (all rows or only the currently filtered results).
The scope key must be unique across the entire system. Use the resource:action format consistently (e.g. project:create, artifact:generate, user:manage) to keep access control easy to manage and debug.
Once permissions are set up, move on to 03 — Create a new project to initialize the project workspace.