Access controls are roles you can assign to a model and configure to either allow or deny view, create, update, and delete permissions. You can also be more granular and apply filters to manage access to specific properties within a model.
You must add an access control policy when you add a model because without them when you add content to a page based on the model, no one, including the Tenant admin or the person who created the model, can view the page. So, for example, if you add a page with any content based on a model and don't assign any access controls, you can't view the page. Instead, you'll see this error message:
The access control roles can determine what menu items and buttons you see. For example, if you don't have View access to any models used in blocks on a page, you won't see that page in a menu or access it directly with the URL. Also, for example, if you have an action button on a block that opens a dialog box to add or update the record, and you don't have the Create or Update permissions for the model, Applaud hides the button from you.
Default roles
Access controls are role-based, and your Applaud tenant includes a few default roles. However, you can also create your own role types and assign users to these roles. See our knowledge base articles in the Roles section.
These default roles already have some restrictions applied by Applaud automatically. For example, the Brands and app admin role can't view all the menu items on the Admin home page. See the table for what each role can access and how you can use each role.
Role | Default access | Description |
---|---|---|
All API Keys | None | Typically, you would use this role for integration into third-party software, apps, or websites. For example, you must assign this role to your model to use Workato to import or export data. |
Anonymous | None | You can use this role for anyone who accesses a page on your Applaud tenant but who hasn't signed in. For example, you might want users who don't sign in to your Applaud tenant to be able to see a page with job listings on it. Ensure you configure if you want search engines to find any pages linked to this model in the page settings. See our knowledge base article, About Search engine optimization (SEO). |
Authenticated | None | Applaud assigns this role automatically to anyone who can sign in to your Applaud tenant. You can use this role to manage access to model data used in page content for all your signed-in users. |
Brands and app admin |
|
Typically, users with this role manage your brand and are responsible for configuring your app. For example, users with this role assigned to them can view the functions on the Admin home page listed in this table. In addition, you can use this role to control the access these users have to model data. For example, they could have View permissions without Create, Update, or Delete permission. |
Deleted | None | Users with this role assigned to them can't sign in to your Applaud tenant and are shown this error message when they try to sign in. When you delete a user in your Applaud tenant, Applaud assigns this role to them. Deleted users don't count toward your subscription. |
Experience designer |
|
Typically, users with this role build most of your functionality within your app, from adding models to creating pages, forms, and lists. Users with this role assigned to them can view the functions on the Admin home page listed in this table. In addition, you can use this role to control the access these users have to model data. For example, they could have View, Create and Update permissions but not Delete permission. |
Identity manager |
|
Typically, users with this role manage the users within your Applaud tenant. For example, invite users and assign or revoke roles. Users with this role assigned to them can view the functions on the Admin home page listed in this table. In addition, you can use this role to control the access these users have to model data. For example, they could have View, Create and Update permissions but not Delete permission. |
Suspended | None | Users with this role assigned to them can sign in to your Applaud tenant and are shown this error message when they try to sign in. Applaud assigns this role to anyone you have suspended. Typically, you would use this to control users' access that no longer require access to content on your Applaud tenant but could, for example, still access their personal information. Suspended users still count toward your subscription fee. |
Tenant admin |
|
This role has access to all functions in your Applaud tenant. |