Access permissions in ELMA365 / Access to app data

Access to app data

In ELMA365, you can set up flexible access permissions for data stored in apps.

Depending on employees positions or roles, they can have different types of access permissions to app data. For example, a sales manager can create, edit, or delete items in the Deals app, whereas a sales rep can only view them.

начало внимание

Only users included in the Administrators group can grant or restrict access in app settings.

конец внимание

Configure access

Please note that employees regularly working with an app should be granted access to the workspace it belongs to and to the app itself. Then they will be able to see all app items they have access to by opening the app in the left menu.

If an employee needs one-time access to a specific app item, for example, in a business process task, they don’t need access to the workspace and app the item belongs to. The employee will be able to open the app item page using a direct link, for example, from the task.

To manage access to app data:

  1. Click the app gear icon icon to the right of the app name and select Access Settings.


  1. The Access Settings page will open. The default option is All users have access to the app and all its items. This means that any user in the system can create, view, edit, and delete app items, as well as export their data and import data to them.


  1. If you wish to configure access to app data for specific employees, select Restrict access to data.

Restrict access

When the Restrict access to data option is enabled, you can select users and specify which actions they are allowed to perform with app items.


There are three options for restricting access to app items:

  1. Restrict access to app. The most general option. The access permissions that you set up will be applied to all items in the app.

Use this restriction option if all data in the app can be available to all employees working with it. You can configure permissions based on the employee’s position. For example, all HR department employees can view job openings, but only the manager can create, edit, and delete them.

  1. Restrict access to app folders. If folder hierarchy is enabled in the app, you can configure different access settings for different app folders.

Use this restriction option if different employees should have access to data from different folders. For example, there can be two folders in the Job Openings app: for management positions and for other employees. Only the HR department manager works with the first folder, while the second one is available to all HR department employees.

  1. Restrict access to app items. The most specific option. You can configure permissions individually for each app item and grant access to different users.

Use this option when you need to set up specific permissions for each app item. For example, each sales rep in the sales department may only have access to the contracts they work with. Data from contracts is considered confidential and cannot be shown to any other employees. You can grant the permission to view and edit a contract to its Author and employees specified on the contract’s page as the Superior and the Approver.

Please note that you can grant temporary additional permissions to specific app items to let users complete one-time tasks. This can be done:

  • On app item pages.
  • In business process settings.

For each type of restriction, the Enable permission inheritance based on org chart subordination option is available. The option is enabled by default and allows all superiors specified in the hierarchy of the organizational structure to have the same access to the app, its folders, and items that is granted to a subordinate.

If your company’s regulations require that employees work with confidential information to which third-party access must be restricted, disable this option. After that, supervisors will not have the same access rights as those granted to a subordinate.

Read more about different cases of restricting access to app data in Combinations of access permissions.

Types of access permissions

You can grant the following permissions to users:

  • View/Read. Users can view and download the app item.
  • Create. Users can create new app items.
  • Edit. . Users can edit previously created app items and rename them. For Document type apps,users will be able to add file versions.
  • Delete. Users can delete app items.
  • Assign Permissions. Users can grant and restrict additional permissions to specific app items, as well as grant permissions to view an item when the user is mentioned in the associated activity stream. This option is not available for the Restrict access to app items option.
  • Process management. Users can interrupt business processes, view task pages, and reassign tasks.
  • Export. Users can export app items that they can view. This option is not available for specific app folders.
  • Import. Users can import data to the app. This option is not available for specific app folders.
  • Full Access. All the actions mentioned above are allowed.

Found a typo? Highlight the text, press ctrl + enter and notify us