Access controls are roles you can assign to a model and configure to either allow or deny view, create, update and delete permissions. You can also be more granular and apply filters to manage access to specific properties within a model.
You must add an access control policy when you add a model because without them when you add content to a page based on the model, no one, including the Tenant admin or the person who created the model, can view the page. So, for example, if you add a page with any content based on a model and don't assign any access controls, you can't view the page. Instead, you'll see this error message:
The access control roles can determine what menu items and buttons you see. For example, if you don't have Viewaccess to any models used in blocks on a page, you won't see that page in a menu or access it directly with the URL. Also, for example, if you have an action button on a block that opens a dialog box to add or update the record, and you don't have the Createor Updatepermissions for the model, Applaud hides the button from you.
Default roles
Access controls are role-based, and your Applaud tenant includes a few default roles. However, you can also create your own role types and assign users to these roles. See our knowledge base articles in the Roles section.
These default roles already have some restrictions applied by Applaud automatically. For example, the Brands and app adminrole can't view all the menu items on the Admin home page. See the table for what each role can access and how you can use each role.
| Role | Default access | Description |
|---|---|---|
| All API Keys | None | Typically, you would use this role for integration into third-party software, apps, or websites. For example, you must assign this role to your model to use Workato to import or export data. |
| Anonymous | None | You can use this role for anyone who accesses a page on your Applaud tenant but who hasn't signed in. For example, you might want users who don't sign in to your Applaud tenant to be able to see a page with job listings on it. |
| Authenticated | None | Applaud assigns this role automatically to anyone who can sign in to your Applaud tenant. You can use this role to manage access to model data used in page content for all your signed-in users. |
| Brands and app admin |
|
Typically, users with this role manage your brand and are responsible for configuring your app. For example, users with this role assigned to them can view the functions on the Admin home page listed in this table. In addition, you can use this role to control the access these users have to model data. For example, they could haveView permissions but not Create, Updateor Deletepermission. |
| Deleted | None | Users with this role assigned to them can't sign in to your Applaud tenant and are shown this error message when they try to sign in.
 |
| Experience designer |
|
Typically, users with this role build most of your functionality within your app, from adding models to creating pages, forms, and lists. Users with this role assigned to them can view the functions on the Admin home page listed in this table. In addition, you can use this role to control the access these users have to model data. For example, they could have View, Createand Updatepermissions but notDelete permission. |
| Identity manager |
|
Typically, users with this role manage the users within your Applaud tenant. For example, invite users and assign or revoke roles. Users with this role assigned to them can view the functions on the Admin home page listed in this table. In addition, you can use this role to control the access these users have to model data. For example, they could have View, Createand Updatepermissions but notDelete permission. |
| Suspended | None | Users with this role assigned to them can sign in to your Applaud tenant and are shown this error message when they try to sign in.
|
| Tenant admin |
|
This role has access to all functions in your Applaud tenant. |