A pixel for Quora tracking

The guide to Roles and Permissions on Forest Admin

The best internal tools are those that can smoothly grow together with the company. And once the company grows and onboards more people, assigning them different roles becomes necessary. Forest Admin offers the most advanced and granular access control system among all internal tool solutions.

The guide to Roles and Permissions on Forest Admin

Internal tools are the backbone of every customer-facing organization.

This is where companies process customers’ claims, keep track of inventory, deal with booking and refunds, automate integrations with third-party tools, collaborate internally, and so on… The sky's the limit as every business is unique.

When the team is small and workflows are simple, a basic admin panel can be all you need. However, once the company grows and onboards more people, assigning them different roles becomes necessary. This is because a first-line customer support representative needs to access a set of data different to that of a C-level executive and a different layout than a developer.

There are many different factors to consider when setting up roles and permissions, and it is important to get it right to avoid any disruptions in the company's operations.

Forest Admin is an internal tool solution that makes it all feel like a breeze.

Our permission levels and role-based permissions allow you to have a clear overview of who can do what on the Admin Panel and adjust it at will. With Roles and Scopes, you can easily control what data is available to users. Thanks to the team-based layouts, Forest Admin lets you create different layouts through various features to meet your teams’ specific needs. As far as we know, no other internal tool solution on the market offers an equally advanced and granular access control system.

Let’s take a successful subscription-based SaaS product as an example.

After securing a series A funding and onboarding a great number of customers, the company hired dozens of new employees across different teams. Their internal tool needs not only to grow with the company but also be flexible enough to mirror internal workflows.

All of that is possible with Forest Admin. Let’s dive in.

Permission levels

To start with, Forest Admin has 4 default levels of administration permissions: Admin, Developer, Editor, User. It is a security layer that decides on who can access the Project Settings, and edit the UI layout. User access can be customized with Roles, which we’ll present in a moment.

The default permission levels on Forest Admin: Admin, Developer, Editor, User.
The default permission levels on Forest Admin: Admin, Developer, Editor, User.

Read how to manage permission levels in the Documentation.


Thanks to Roles, it’s possible not only to restrict access to some data, but also allow users to perform specific actions – or not.

For example, in case of our SaaS business, the Customer Support team may be allowed to perform CRUD operations on user data – such as adding a ticket, uploading a document, deleting an outdated contact information –  while a Sales team representative may not be given this functionality.

Thanks to Roles, it’s possible to set up a complex Customer Support workflow with various levels.

A  level 1 support may for instance be given read-only access to information because their role is simply to solve basic tickets. At the same time, level 2 support may be able to edit user data and trigger smart actions, while level 3 may validate approval workflows and smart actions triggered by level 2.

The role creation form in the Forest Admin project settings.
Adding a Role takes a few seconds only. Go to the Roles tab of your Project Settings, click on “Create role”, give it a name, assign users and copy permissions from another role if you want to.
The role creation permissions configuration in the Forest Admin project settings.
Once you save the role, you’ll be redirected to Smart actions permissions and Collections permission, where you’ll be able to edit what actions are available to users with this Role.

Go to the Documentation to learn more about Roles.


Scopes are predefined filters that can be used to fine-tune what data is available to users. More specifically, scopes can be set up to filter data dynamically on the current user.

Let’s go back to our SaaS business. After having opened a second office – this time in Paris – the company hired a new Customer Support team to deal with French customers. An admin has set up their Forest Admin in a way that they can only see users based in France, while the Berlin-based team can only see users from Germany. This is  possible because scopes can be dynamic and filter data for each user.

Creating Scopes is as easy as teams and roles. However, Scopes are linked to collections and their settings can be found in the Collection’s setting in the Layout Editor More, not in Project Settings.

The scope configuration in a Forest Admin collection settings.

Go to the Documentation to learn more about Scopes and how to make them dynamic.

Team-based layouts

Apart from Permission Levels and Roles, Teams are very powerful, and allow to create different layouts for different teams. For instance, Customer Support might need to see a transaction ID immediately, so this should be the first column in their dashboard. Sales team –  to the contrary –  doesn’t refer to ID and the first column they see should be a company name. In addition, a team that acts mostly on raw data, should see the ‘Data’ tab in their Forest Admin by default. Another team may prefer to see the ‘Dashboard’ tab instead.

Such a setup can be easily done first on Forest Admin’s Project Settings and then in a Layout Editor Mode.

The propagation of a layout configuration from one Forest Admin team to another.
Adding a new Team is as quick and simple as creating a Role. Go to Project Settings -> Teams -> click on “Create a new team”, give it a name, add users, and either copy a layout configuration from a similar team or start a new one from scratch.

Go to the Documentation to learn more about Teams.

Giving access to external partners

With Forest Admin, it’s also possible to give access to your internal tool – or some parts of it – to external users such as franchisees, resellers or various clients, and make your business operations even more efficient.

Let’s further our SaaS business example.  

Now the company wants to expand to the US but decided to use a network of resellers instead of opening a branch there. They wish to give them access to the admin panel but with a limited set of permissions to make sure they can only see data that is relevant to them.

The Forest Admin invitation form in the project settings.
Inviting external users works just like inviting any other users. Just make sure you assign them to the right Team, Role, and give the right Permission Level. You can also use a tag for better data filtering once you have more users to manage.

Read more about Forest Admin for Partners

The best internal tools are those that can smoothly grow together with the company.

Typically, most internal tool solutions offer a way to manage roles and permissions, however, in some cases, this option is rather limited.

We’ve compared different tools to help you make the right choice.

A summary comparing various tools features availability.

Do you need an internal tool solution with the most advanced and granular Roles and Permissions features on the market?

Try Forest Admin for free