Permissions and roles report for a single user
Related information
Related topics
You can run a permissions report to display all of a user's effective permissions. This report is a consolidated view of all the permissions that a user has across the company and it considers their user type, roles (for role-based companies), and permissions.
Use this report to:
- Display permissions in a single view
- Review user access and workflow
- Verify that users have access only to authorized data
In role-based companies, you can also view the roles assigned to a user, and the groups that a user belongs to, from different tabs within the report.
To access this page, go to Company > Admin > Users or Roles. In a user-based company, select View permissions next to the user whose permissions to view. In a role-based company, select View permissions and roles.
| Subscription | Company |
|---|---|
| User type | Business |
| Permissions | View, Run |
Run the Permissions report
By default, this report shows all the permissions that have been explicitly assigned to the user. In other words, someone checked the box that gave the user that permission.
Because some features are related or depend on each other, the user might have additional permissions that are not explicitly assigned. To view these additional permissions, select Show derived permissions on the Permissions tab of the Permissions report.
- Go to Company > Admin > Users. The Users list appears.
- In a user-based company, select View permissions next to the user whose permissions to view. In a role-based company, select View permissions and roles. A consolidated report of all the user's permissions and roles appears.
Run the Permissions report for external users
Users who slide into your company from a console (like the Accountant or Partner Console) will appear in the External Users list. Viewing effective permissions for external users works the same way; just start from the External Users list.
- Go to Company > Admin > Users > External users. The External Users list appears.
- In a user-based company, select View permissions next to the user whose permissions to view. In a role-based company, select View permissions and roles. A consolidated report of all the user's permissions and roles appears.
Export the report
You can export the Permissions and roles report to a CSV file anytime you run it.
To export a report:
- Go to the Users list.
- Select View permissions and roles for a user.
- Select Export permissions, then open the downloaded CSV file to see the report.
View roles and user groups
If you're in a role-based company, you can view the roles and user groups assigned to the user from the Permissions and roles report.
To view roles assigned to the user:
- Go to Company > Admin > Users.
- Select the Roles tab.
To view user groups that a user belongs to:
- Go to Company > All > Users & contacts > Users.
- Select Groups.
Frequently asked questions (FAQs)
You can get a custom report for user permission changes with an Audit Trail report.
To create and run an Audit Trail report, go to either Customization Services or Platform Services from the menu bar. Then select the Add (circle) beside Custom reports. The Custom reports wizard appears. For more information, see Create a user permissions report.
Derived permissions are permissions which have not been explicitly assigned, but are switched on by other applications.
For example, if a user is given permission to add user groups, the user is automatically granted permission to view the list of users. The ability to view the Users list is a derived permission.
Effective permissions are derived from the combination of a user's type, a user's admin privileges, and whether or not they’re operating in a role-based or user-based company. Learn more about effective permissions for a user.
What's in this report?
User information
| Heading | Description |
|---|---|
|
User ID |
The user ID assigned to the selected user or group. |
|
Username |
The name for the user. |
|
Type |
The user type that reflects the features that this user requires. Business users can be given access to any features, but other user types have limited access.
See the list of user types.
|
|
Admin privileges |
Displays whether the user or group has Full or Limited administrative privileges. If the user or group does not have administrative privileges, Off is displayed. |
Permissions report
| Report column heading | Description |
|---|---|
|
Subscription |
Shows which applications are currently assigned to the user. |
|
Activities, lists, and reports |
The name of the activity, list, or report within that application to which those users and groups have been granted access permission. |
|
Permissions |
The types of permissions granted (for example, List, Add, Modify, Delete, and so on). |
|
Show derived permissions |
Select this box to display the permissions not explicitly assigned to the user. These permissions are contingent on other enabled permissions. Permissions marked with an asterisk (*) are derived from another application’s permissions. When reviewing user permissions, you can hover over any permission marked with an asterisk to see its origin. This includes permissions automatically granted to Admins, or those derived from other permissions already assigned to the user. Details specific to that user and permission are displayed. This information is not included when you export the permission report. |
Roles (for Role-based companies only)
| Report column heading | Description |
|---|---|
|
Role name |
Name of the role. |
|
Description |
Description of the role. |
|
Subscriptions |
Shows which applications are currently assigned to the user. |
User groups
| Report column heading | Description |
|---|---|
|
User group name |
Name of the user group. |
|
Description |
Description of the user group. |
