System Role Permissions

A System Role is a collection of powers and permissions given to a User. 

What is a System Role?

System Roles work in conjunction with User Types and Network Locations to determine an individual's access within the system. Most KaiNexus users will have at least one System Role, though a User can be assigned as many System Roles as appropriate.

System Roles can determine a User's:

• Default notification settings
• Default Board, access to Boards, subscriptions to Boards
• Ability to create, view, edit, assign, or participate in certain Items
• Ability to approve Milestones
• Administrative permissions and responsibilities within KaiNexus

What permissions can System Roles grant?

A System Role Permissions are divided into three categories:

• Template and Workflow Permissions
• Advanced Permission
• Admin Permissions

Template and Workflow Permissions

Template and Workflow Permissions are a collection of abilities granted for specific Templates and Workflows. These Permissions give Users the ability to see and work with Items in which they may not be on the Team. 

When building Template and Workflow Permissions for a System Role, you must first decide which Templates and Workflows the set of abilities should apply to. 

• If you select a Workflow, the Permissions will apply to all Templates within that Workflow.
• If you select a Template, the Permissions will apply to only Items created from that Template. Building out Permissions on the Template level is a way to be very granular while designing System Roles.  

All Template and Workflow Permissions except for "Participate" also specify where in the Network the Permission is valid. For example, a User might have Edit Permission for Improvements, but that doesn't necessarily mean they can Edit all Improvements in the system. The scope of their Permission depends on to which Locations their Permission is applied.  

The Network Locations options are: 

• Everywhere: The Permission is applied to all Items within the specified Template or Workflow, regardless of what Network Location the Item has.  
• Location and Below: The Permission is applied to all Items within the specified Template or Workflow that are in the User's Network Location and the Network Locations nested beneath it. 
• Only Location: The Permission is applied to only Items within the specified Template or Workflow that are in the User's Network Location.  
• Only User's: The Permission is applied to only Items within the specified Template or Workflow in which the User is also on the Item Team.  

Advanced Permissions

Advanced System Role Permissions are not tied to any Template, Workflow, or Location. They are stand-alone Permissions that grant access to different Sections of KaiNexus. 

Using Advanced System Role Permissions, you can:

• Grant Users access the Items, People, and Reports section
• Give Users the ability to create Boards
• Give Users visibility into Impact and Report data

Admin Permissions

Admin Permissions are typically given to administrators or improvement leaders who need a greater level of access in KaiNexus. 

Using Admin System Role Permissions, you can:

• Give Users widespread access to edit Board and Cards
• Give Users the ability to edit User Profiles and create new Users
• Give Users the ability to manage Attribute Values, Weighted Scores, and Locations.
• And much more!