Whether your CRM users are entry level employees or members of senior management, your CRM system should allow you to configure the right data access levels for every user. Creatio lets teams assign user access for a certain breadth of information depending on the resources they need to perform their job.

Why are access rights and permissions so important?

They ensure that only authorized individuals have access to sensitive information. This helps businesses maintain data compliance standards and reduce the risk of information being damaged, stolen or even corrupted.

Creatio's user management and security permissions are used to configure exactly what each user can see within their system. Let's take a closer look at the levels of user management and permissions we can utilize in Creatio.


Roles represent the types of users within your organization. There are two different types of roles used in Creatio: Organizational and Functional. Organizational roles are user groups that represent your departments, subgroups, or specific teams. Examples of organizational roles would be the Sales Department, Finance Department or even the West Office HR Department. Functional roles represent specific employee job titles. An example of functional roles would be Branch Manager, Finance Manger etc. Let's start with organizational roles.

Setting organizational roles allows you to assign permissions for all users underneath that role. One thing to note here is that organizational roles automatically inherit the parent organizational roll permissions. Within the organizational role, you also have the ability to add a Managers role to a single organizational role. For instance, in our example below, the West Division may also have an associate manager, Valerie Murphy, Head of Department. Within the Managers role, you can set up special access permissions for your managerial staff as well.

Creatio organizational roles

Connecting your Functional and Organization Roles

As you are building your organizational role, think about how your company is organized today. What roles are needed? Let's set up an example hierarchy here:

creatio functional and organizational roles

Step 1: Define an organizational role. This CAN include a parent-organization. 

Step 2: Define your functional roles. Which employee titles will be included per division?

Step 3: Finally, identify if we want to include managers. If so, that can be done on an organizational level as well.

Defining User Access using Permission Types

After we have defined our organizational and functional roles, we need to identify the actual permission access. In Creatio, you can assign permissions to different objects, columns records, and even overall options. Let's discuss the difference.

Object Permissions: Your objects represent individual sections or details within your Creatio instance. Think about your standard or custom sections. What is your business use case? Should all your users have access to all the sections within the instance? You can also dig a little deeper into this level of permissions. Not only can you define general options, but you can also define whether you want your users to have the ability to edit, add, or even delete records within the section.

Record Permissions: This permission type defines permissions on a per-record basis. By default, all users have access to all records within the system. However, you can limit that access. For instance, say you’re creating a new Account record for your vendors. You can use Record Permissions to prevent inside sales reps from accessing that specific created vendor Account.

Column Permissions: Within Creatio, your columns are 'fields' found within your specific record page. These columns can be standard fields or custom columns that your admin created to fulfill your business needs. Say you have a field called 'Employee Requests' where users can submit requests for vacation time, sick leave, etc. Column permissions allow you to block other users from seeing those request records labeled' Employee Requests' to maintain employee privacy.

Operation Permissions: Operation Permissions are used to configure access rights to preconfigured system operations and functions accessible to your system admins. For instance, field creation, detail creation, or even import and export functionality.  By default, these operations are only available to the system admins. However, you can grant access to other users with Operation Permissions. Although this is an option, we do not recommend giving users outside of system administrators access to this level of configuration outside of special use cases.

For more information on how you can customize your user permissions inside Creatio, reach out to your Technology Advisors support team.

Posted in:

Looking for Creatio help?

We do training, customization, integration, and much more. Contact us today.