Manage users, groups, and permissions

You can manage workspaces, users, groups and permissions from the administration tab on the left-side menu.


Users can be added and settings can be changed from the users section of the administration tab.

When the users tab is clicked a list of all users is displayed, but you can filter this to just the logged in users. Click the text box that says “Start typing” and type in the user's name to filter down the results to look up a user.

To add a user, click “+ Add User” and type in all of the credentials for the user such as username, name, password, and email. There is a license section that allows to place a license on the user. Listed licenses are Process modeler, Project manager, Process participant, and Process viewer.

Adding a user only adds them to the software, not a specific project or workspace. If you want to assign a role to a user, see the assign a role page


Instead of adding individual users to specific workspaces, permissions, etc. it is easier to allow groups access. Users can be added to groups and then the entire group can be allowed access or permissions.

To create a group click “+ Add Group” and type in the name of the group. Hit enter/return to make the group. To add a user to the group, click the specific group. From the group page, click “+ Add Member.” Once clicked, type in the name of the user and a drop down filtered menu will come up with users. Click a user to add them.


To add permissions to a group, select the Permissions tab. From here you can select what permission and customize the levels of accessibility.

Each permission can have the following attributes:


This switch defines if the permission is an Allow or a Deny.

The following rules apply:

  • Deny is stronger than Allow: A user has no access to a specific domain, if that user is member of two groups and one denies access to that domain and one allows it.
  • Everything, that is not explicitly allowed is denied.


The domain attribute defines which operations a user can execute.

This permission matrix shows the relationship between the permission domain and the user operations.


This attribute defines for which workspace or group of workspaces the permission applies to.


When the transitive attribute is selected, the permission applies to the whole subtree of workspaces. If it is not selected, the permission only applies to the workspace as defined with the above attribute.


The RMCD attributes are levels of accessibility to domains. The administrator can give access to any of the four attributes at any time.

R Read
M Modify
C Create
D Delete


The level attribute is only relevant for the Processes domain. It corresponds with the security level of the individual process elements. For example: If a certain security level applies to a process element, a user needs Read permissions with the same level or higher to be able to see it.


This attibute defines the precedence of the permission. The precendence is as follows:

High Deny > High Allow > Low Deny > Low Allow