Tonic CloudAPI documentationOther guidesTonic.ai
Ask or search…
K
Links
Comment on page

Assigning workspace permission sets

Required license: Professional or Enterprise
Required permission
  • Global permission: View organization users. This permission is only required for the Tonic application. It is not needed when you use the Tonic API.
  • Either:
    • Workspace permission: Share workspace access
    • Global permission: Manage user access to Tonic and to any workspace
Tonic uses workspace permission sets for role-based access (RBAC) of each workspace.
A workspace permission set is a set of workspace permissions. Each permission provides access to a specific workspace feature or function.
Tonic provides built-in workspace permission sets. Enterprise instances can also configure custom permission sets.
You can assign workspace permission sets to users and to SSO groups, if you use SSO to manage Tonic users. Before you assign a workspace permission set to an SSO group, make sure that you are aware of who is in the group. The permissions that are granted to an SSO group automatically are granted to all of the users in the group. For information on how to configure Tonic to filter the allowed SSO groups, go to Synchronizing SSO groups with Tonic.
You cannot remove the owner workspace permission set from the workspace owner. By default, the owner permission set is the built-in Manager permission set.
To change the current access to the workspace:
Workspace access panel
  1. 1.
    To manage access to a single workspace, either:
    • On the workspace management view, in the heading, click the share icon.
    • On Workspaces view, click the actions menu for the workspace, then select Share.
  2. 2.
    To manage access for multiple workspaces:
    1. 1.
      Check the checkbox for each workspace to grant access to.
    2. 2.
      From the Actions menu, select Share Workspaces.
  3. 3.
    The workspace access panel contains the current list of users and groups that have access to the workspace. To add a user or group to the list of users and groups, begin to type the user email address or group name. From the list of matching users or groups, select the user or group to add. Free trial users can invite other users to start their own free trial. Provide the email addresses of the users to invite. The email addresses must use the same corporate email domain as your email address.
  4. 4.
    For a user or group, to change the assigned workspace permission sets:
    1. 1.
      Click Access. The dropdown list is populated with the list of custom and built-in workspace permission sets. If you selected multiple workspaces, then on the initial display of the workspace sharing panel, for each permission set that a user or group currently has access to, the list shows the number of workspaces for which the user or group has that permission set. For example, you select three workspaces. A user currently has Editor access for one workspace and Viewer access for the other two. The Editor permission set has 1 next to it, and the Viewer permission set has 2 next to it.
    2. 2.
      Under Custom Permission Sets, check the checkbox next to each workspace permission set to assign to the user or group. Uncheck the checkbox next to each workspace permission set to remove from the user or group.
    3. 3.
      Under Built-In Permission Sets, check the workspace permission set to assign to the user or group. You can only select one built-in permission set to assign. By default, for an added user or group, the Editor permission set is selected. To select a built-in workspace permission set that is lower in access than the currently selected permission set, you must first uncheck the selected permission set. For example, if Editor is currently checked, then to change the selection to Viewer, you must first uncheck Editor.
  5. 5.
    To remove all access for a user or group, and remove the user or group from the list, click Access, then click Revoke.
  6. 6.
    To save the new access, click Save.
Last modified 2mo ago