Access control policies allow you to manage who can see, create, update, or delete data in your Applaud tenant. They are role-based rules that you apply to models to control what different users can do, helping you keep sensitive or irrelevant data hidden from view. When you add content to a page powered by a model, no one, including the Tenant admin, can see that page unless you've assigned access controls to the model. Without such controls, you’ll see this message:
Access control policies not only protect data but also shape the experience. For example, if you don’t have View access to any models used on a page, that page won’t appear in menus or links, even with a direct URL. If a button triggers an action like “Create” or “Update” but you don’t have those permissions, the button won’t appear.
Default roles
Applaud includes a set of default roles to help you get started. These roles already come with some permissions, and you can also create your own roles and assign users to them. Learn more in our Roles articles.
Here’s a breakdown of the built-in roles and what they can typically access:
| Role | Default access | Description |
|---|---|---|
| All API Keys | None | Typically, you would use this role for integration into third-party software, apps, or websites. For example, you must assign this role to your model to use Workato to import or export data. |
| Anonymous | None | You can use this role for anyone who accesses a page on your Applaud tenant but who hasn't signed in. For example, you might want users who don't sign in to your Applaud tenant to be able to see a page with job listings on it. Ensure you configure if you want search engines to find any pages linked to this model in the page settings. See our knowledge base article, About Search engine optimization (SEO). |
| Authenticated | None | Applaud assigns this role automatically to anyone who can sign in to your Applaud tenant. You can use this role to manage access to model data used in page content for all your signed-in users. |
| Brands and app admin |
|
Typically, users with this role manage your brand and are responsible for configuring your app. For example, users with this role assigned to them can view the functions on the Admin home page listed in this table. In addition, you can use this role to control the access these users have to model data. For example, they could have View permissions without Create, Update, or Delete permission. |
| Deleted | None | Users with this role assigned to them can't sign in to your Applaud tenant and are shown this error message when they try to sign in.
|
| Experience designer |
|
Typically, users with this role build most of your functionality within your app, from adding models to creating pages, forms, and lists. Users with this role assigned to them can view the functions on the Admin home page listed in this table. In addition, you can use this role to control the access these users have to model data. For example, they could have View, Create and Update permissions but not Delete permission. |
| Identity manager |
|
Typically, users with this role manage the users within your Applaud tenant. For example, invite users and assign or revoke roles. Users with this role assigned to them can view the functions on the Admin home page listed in this table. In addition, you can use this role to control the access these users have to model data. For example, they could have View, Create and Update permissions but not Delete permission. |
| Suspended | None | Users with this role assigned to them can sign in to your Applaud tenant and are shown this error message when they try to sign in.
|
| Tenant admin |
|
This role has access to all functions in your Applaud tenant. |