# Permissions *Bridge Admin Portal – Bridge Services LLC* ## Overview Within the Bridge Admin Portal, permissions determine what each user can see and do. There are three scopes for permissions: **Application**, **Project**, and **Organization**. Each scope has its own set of roles that control access at different levels of the platform. - **Application roles** govern global access across the entire Bridge platform (e.g., platform administrators who can manage tenants and system settings). - **Project roles** control what a user can do within a specific project (e.g., project members vs. project leaders). - **Organization roles** define permissions within an organization under a tenant (e.g., laborers, supervisors). Below you’ll find instructions on how to create and manage roles in each scope, along with a dedicated section on creating a new role. --- ## Application Roles Application roles (sometimes called *Tenant roles*) determine what users can do across the entire Bridge application. Typical roles include “Leader” and “Member,” but you can create custom roles with tailored permissions. ### Viewing Application Roles Navigate to **Settings → Roles → Application** to see existing roles. The summary cards show the role name, a description, and the number of permissions and members. Use this view to review or edit roles. > **Example:** In the screenshot below, the *Gardner 2* (default) and *Leader* roles are visible under Application roles. The **Add Role** button at the top right is used to create a new application-wide role. > > [![Settings Application Role](https://bookstack.austindurham.com/uploads/images/gallery/2025-11/scaled-1680-/image-1763502926575.jpg)](https://bookstack.austindurham.com/uploads/images/gallery/2025-11/image-1763502926575.jpg) ### Creating an Application Role 1. From the Application roles screen, click **Add Role**. 2. In the *Create role* modal, choose **Blank role** (start from scratch) or **Start from bundle** (copy an existing role’s permissions). 3. Enter a **Role name** (e.g., *Supervisor*) and an optional **Description**. 4. If you want this to be the default role for new application users, check **Make this the default role for new members**. 5. Click **Create Role**. 6. After creating the role, you’ll be taken to a permissions editor where you can enable or disable specific capabilities (e.g., managing tenants, editing settings). Save your changes when finished. 7. To assign users to the new role, go to **People**, edit the user, and select the new role from the **Role** drop‑down. --- ## Project Roles Project roles apply to individual projects. They let you control actions like viewing tasks, editing project details, or recording time entries. Default roles typically include **Member** and **Leader**, but you can create roles tailored to your workflows. ### Viewing Project Roles Navigate to **Settings → Roles → Project**. The default project roles will be listed, showing how many permissions and members each has. > **Example:** In the Project roles screen, you’ll see roles like *Member* and *Leaders*. The default role is highlighted, and you can create additional roles via the **Add Role** button. ![Project roles overview](https://bookstack.austindurham.com/%7B%7Bproject_screenshot%7D%7D) > > [![Add Role Button](https://bookstack.austindurham.com/uploads/images/gallery/2025-11/scaled-1680-/screenshot-2025-11-20-at-3-55-43-pm.png)](https://bookstack.austindurham.com/uploads/images/gallery/2025-11/screenshot-2025-11-20-at-3-55-43-pm.png) ### Creating a Project Role 1. Go to **Settings → Roles → Project** and click **Add Role**. 2. In the *Create role* modal, select **Blank role** or **Start from bundle**. 3. Provide a **Role name** and description (e.g., *Project Scheduler*). 4. Check **Make this the default role** if you want all new project members to receive this role by default. 5. Click **Create Role**. 6. The permissions editor will open. Enable project-specific permissions such as: - View project details - Edit tasks and milestones - Add or remove team members - Approve time entries 7. Assign the role within a project: open a project via **Projects**, go to its **Team** section, and select the new role for each user. --- ## Organization Roles Organization roles determine permissions within an organization under a tenant (for example, a subcontractor or department). These roles govern what users can do across multiple projects belonging to the same organization. ### Viewing Organization Roles Go to **Settings → Roles → Organization** to see existing organization roles. The role cards display the role name, description, and counts of permissions and members. > **Example:** The Organization roles page shows existing roles, like *Laborer*, and lets you add new roles via the **Add Role** button. ![Organization roles overview](https://bookstack.austindurham.com/%7B%7Borganization_screenshot%7D%7D) ### Creating an Organization Role 1. Navigate to **Settings → Roles → Organization** and click **Add Role**. 2. Choose **Blank role** or **Start from bundle**. 3. Enter a **Role name** (e.g., *Supervisor*) and optional **Description**. 4. (Optional) Set the role as the default for new organization members by checking the corresponding box. 5. Click **Create Role**. 6. In the permissions editor, configure organization-level permissions, such as: - Manage users within the organization - View all projects under the organization - Edit organization details 7. Assign users by editing their profiles in **People** or via the **Organization** page and selecting the new role. --- ## Creating a New Role – General Process Regardless of scope (Application, Project, or Organization), the process for creating a new role follows the same pattern. The modal shown below is the standard *Create role* form: > [![Creating New Role](https://bookstack.austindurham.com/uploads/images/gallery/2025-11/scaled-1680-/creating-new-role.png)](https://bookstack.austindurham.com/uploads/images/gallery/2025-11/creating-new-role.png) **Steps:** 1. **Open the Roles page for the desired scope** (Application, Project, or Organization). 2. Click **Add Role**. 3. **Choose a starting point:** - **Blank role** – Start with no permissions and add only what you need. - **Start from bundle** – Clone an existing role’s permissions as a template. 4. **Name the role** – Choose a clear and descriptive name that reflects the role’s purpose. 5. **Add a description** (optional) – Provide context for team members on when to use this role. 6. **Set as default (optional)** – If this role should automatically apply to new members within the scope, enable the default option. 7. Click **Create Role**. 8. **Configure permissions** – After creation, you’ll be directed to a page where you can toggle individual permissions. These may differ between scopes (e.g., project tasks vs. organization management). 9. **Assign users** – Go to the relevant area (People, Project Team, or Organization) and assign the new role to users. --- ## Best Practices - **Use descriptive role names** so team members understand their purpose (e.g., “Project Scheduler” instead of “Custom Role 1”). - **Limit privileges**: only assign users the permissions they need to perform their tasks. Start with a default role and add permissions as necessary. - **Review regularly**: periodically audit roles and assignments to ensure permissions align with current responsibilities. - **Test new roles** with a non‑critical user account to ensure the permissions work as expected before assigning them widely. --- *Last Updated: 2025‑11‑12* *(Managed by Bridge Platform Administration Team)*