Comment on page
Roles and permissions
Formsort accounts are organized according to roles and permissions, in order to maintain the integrity of your form flows across team members, as well as to clearly delineate responsibilities across the team.
Examples of roles include, for example, Owner, Administrator, Deployer, Designer, and Engineer. Roles are associated to specific permissions such as Archive or delete flows, or Create or update themes. By assigning team members' accounts to different roles, you can control exactly which actions in the platform are available to whom.
The current list of permissions is as follows:
deploy_production: Deploy a variant revision to any production environment.
update_traffic_pattern: Change the traffic pattern of deployed variants within a flows.
update_environment: Create new environments or save new revisions of existing environments.
update_domain: Add, update, or remove domain names.
delete_flow: Archive or delete flows.
delete_variant: Archive or delete variants.
update_theme: Create or update themes.
switch_theme: Switch the theme for an existing variant.
update_credential: Create new credentials for integrations.
view_accounts: Retrieve the full list of accounts.
suspend_account: Suspend other accounts (listed as "delete" account on Owner page)
These permissions are associated to the following roles:
An Admin cannot assign or create an Owner role. Please make sure to re-assign the Owner permissions if the account is going to be suspended. If you find that there are no Owner-level permissions for your account, please reach out to the Formsort team via Intercom.
Roles are organized according to a hierarchy, visualized in the diagram below. At the top-level of the hierarchy is the Owner, meaning that the Owner has access to all permissions associated with all roles under it. Moving down the hierarchy, we have the Admin: the admin has access to all permissions except permissions specific to Owner, such as the ability to Suspend other accounts. The same rule applies at any level of the hierarchy: a given role has a subset of the permissions of the roles higher on the hierarchy, a superset of the permissions of the roles lower.
Hierarchical Model of Roles in Formsort
The platform does not contain an explicit Viewer role. Rather, all users on Formsort have the permission to view flows, by default.
A given permission can only be granted by a user who already has that specific permission. In other words, a Deployer can grant another user with Deployer permissions, a Designer with Designer permissions, and an Engineer with Engineer permissions. However, a Deployer cannot assign a user with e.g. Engineer or Admin permissions.
We have not yet implemented functionality to provide visual cues or to hide features which a user does not have permission to use. Currently, any feature that a user does not have permission for will appear normal in the platform, but the user will not be able to use it.