Check out our On-Demand Roles and Permissions Configuration Videos


This article will discuss the various configuration options you will encounter when configuring Administrative Permissions for that Role.


Administrative Permissions are high-level access permissions that should only be granted to Network and/or Site Administrators.

The first set of Permissions on this page is the Manage Users permissions. Since User management has high security risk potential, Create/View/Edit permissions are all lumped into this one setting.



When setting Manage Users permissions to “Yes”, you will be prompted to configure which Roles and Sub Roles the User can grant to other Users. This is done via the “Allowed Base Roles” and “Allowed Sub Roles” sections that appear.

The next Administrative permissions that are configured on this page are Manage Passwords permissions. This  permissions setting allows Users in this role to change other Users' passwords without having to grant this role full Manage Users access.

Next you will be able to configure View Module Log Permissions. This setting makes various Case and Service Logs appear for Users in this Role. Be aware that granting Module Log access grants visibility of Case and Service level logs that are not controlled by permissions. This could potentially expose a user to data they do not have privilege to see. As a result, this permission should be reserved for Administrators and high-level staff that have no restrictions to Case and Service data.

Next, you will be able to configure Administer Activity Permissions. These permissions allow Users in this Role to manage and administer the Activity Module. 


For more information regarding Managing the Activity module, please watch the On-Demand Training Series titled “Activities - Network Level Administration” and “Activities - Site Level Administration”.

Next, you will be able to configure Administer Referral Type permissions. These permissions are for managing Referral Types. Users assigned to a specific Site will only be able to manage Referral Types for their specific Site. 

Next, you can configure Site Profile Access. Site Profile Access allows Users in this role to edit a site's Site Name, Logo, Address, and Phone information. This access should typically be reserved for Site-specific administrators.

After that, you are able to set Administer Site Activities Permissions. These permissions allow Users in this role to Administer the Site Activities that are found on their Site Profile page.

Next, you will be able to grant Site Billing Profile Access. If you do not see this permission setting, then that means that your implementation of Collaborate is not using the Billing Module. Site Billing Profile Access allows Users in this role to turn Billing On/Off for their site, configure Eligible Billing Modules, Default Rates, and Lookup Values. This access should typically be reserved for site-specific admins.

The final permissions setting you will encounter is the Full CAC Network Access permission. Granting this permission will give Users in this role access to all sites within a Network instead of being assigned to a specific Site. The role will still follow all previously defined permissions. This setting should be reserved specifically for Network Administrators.

Once you have configured the desired settings on this page, click Continue.

Since this is the last page of permissions, you will be directed to the Role profile page, where you can review all of the permissions you just granted for that Role.

Roles and Permissions Configuration Series