Features Introducing Role-based Access Permissions Maarten VerwaestFebruary 24, 2018 We introduced role-based access permissions to help you better controlling your digital media production workflow. We’ve seen production workflows growing more complex recently. Why we modified the way you manage Access Permissions It is often a shared and collaborative effort, in which several companies participate. So we looked for the best possible way to support such an approach and we redesigned the way you manage your account and the authorisations that go along with it. It is now easier than ever to add new users and your project is less prone to errors because you have a better overview of all access permissions granted. The key objectives for redesigning the access permissions system were to offer you improved usability and increased security. Because you now grant permissions by creating roles and by giving users a specific role per production, managing large projects with several tens of people accessing it is now easier and more solid than before. It is faster to invite multiple people at the same time, your existing user base is much easier to manage. As a side-effect, we’ve found that granted permissions are set now more appropriate, thereby increasing the overall level of security. What exactly did we change? As a first key element of this new update, you’ll appreciate an extended and more fine-grained set of permissions. It allows you to define a more precise security perimeter. Based on valuable feedback we got from our users, we replaced the original course-grained set of 5 with 15 new permissions. So, for example, you can now grant a user permission to add or edit material in your production without the ability to delete material. A second major improvement lies in the introduction of roles. You define a role by giving it a name and a description, and by selecting the permissions the role should have. Next, when inviting a batch of users, you just give than the most suitable role in that particular production. As each user has exactly one role in a production, so it is really easy to manage who can access and execute what in your production. Frequently Asked Questions Do I need to review my existing access permissions? No. We converted the pre-existing access permissions into roles as part of the roll out. Our company is using Active Directory to manage users and their access permissions. Is Limecraft compatible with Active Directory? Yes, we are. Yet, integration with Active Directory or similar requires additional customisation of the setup. Please contact email@example.com for more info. Creating roles sounds like additional work. Do I have to? No. By default, a few standard roles are available in each production. For example, a Production Administrator can do everything, and a Production Member can do everything except for changing production settings. If you want to avoid the administrative burden of managing roles, you can use the standard setup. If a user has Edit Team permission but not Delete Clips permission, can he invite a user with that permission? No. A user with the Edit Team permission can only give permissions he has himself. We warmly welcome any feedback or questions via firstname.lastname@example.org or you can leave some comments below.