Configuring Groups (Roles)

Article Number:04061

A group (role) is a collection of users categorized by their job titles or responsibilities, regardless of which department they belong to.

Example:

  • A group (role) for managers
  • A group (role) for the team members developing a new product

Groups (roles) are selectable options of "Group selection" fields. You can set permissions for each group (role), or specify groups (roles) as process management assignees.
Group selection

Managing groups (roles)

You can create and manage groups (roles) in the Groups (or Roles) settings in Users & System Administration.

There are two types of groups (roles): static and dynamic.

  • Static groups
    Static groups are created by specifying users.
    The members of a static group do not change unless a Users & System Administrator adds or removes them.
    For details on how to set up static groups, refer to Adding Static Groups.

  • Dynamic groups
    Dynamic groups are created by specifying conditions, such as job titles or departments. Users who meet the conditions are included as members of the group.
    The members of a dynamic group are automatically updated when changes are made to the job titles or departments of users who belong to it.
    For example, you can configure a "Manager" dynamic group so that any users whose job title is changed to "Manager" will automatically be added to the group. To do so, add a dynamic group and specify the job title "Manager" as its condition.
    For details on how to configure dynamic groups, refer to the following pages.
    Adding Dynamic Groups
    Specifying Conditions for Dynamic Groups

Example of setting permissions using groups (roles)

This example shows how to give permissions for viewing, editing, and deleting confidential records in kintone exclusively to members of a manager group (role) configured in Users & System Administration.

  • Settings to be configured in Users & System Administration
    Set up a manager group (role).
    "Group (or Role) Settings" screen Reference: Configuring Groups (Roles)

  • Settings to be configured on the kintone app
    On the app form, place a field used for labeling records confidential.
    After that, configure the Permissions for Records settings as follows.

    • Specify the value of the field as a condition.
    • Add the manager group (role) as the target, then enable its View, Edit, and Delete permissions.
      The Permissions for Records settings screen For details on how to set permissions, refer to Managing Permissions.

When you configure the settings as explained above, the records visible to users will change depending on whether or not they are a member of the manager group (role).

  • If a user is a member of the manager group (role):
    The screen shows records labeled as confidential.
    Screen that shows confidential records

  • If a user is not a member of the manager group (role):
    The screen doesn't show any records labeled as confidential. Screen that doesn't show any confidential records