Managing roles and authorisations

Last updated:

Read this article to find out about the roles used in Formcentric and their associated rights.

The two main Formcentric roles

Formcentric makes use of two main roles, which have different sets of responsibilities and access privileges.

Normal users

Typical users: Employees who create and manage forms, but who do not handle any administrative tasks.

Basic functions

  1. Create and edit forms
  2. Manage own forms
  3. Use form designs
  4. Use media

Restricted rights

  1. No access to the Admin centre
  2. Cannot invite new users
  3. Cannot change the organisational settings

Administrators

Typical users: Team leaders, IT managers or other individuals who are responsible for managing the Formcentric account.

Additional rights

  1. Full access to the Admin centre
  2. Management of users and organisational settings
  3. Group management and authorisation management
  4. System configuration

Administrator rights in detail

1. User management

  1. Inviting new users to Formcentric → Inviting users
  2. Deleting and removing users → Deleting user accounts
  3. Managing group memberships → Adding or removing users from groups
  4. Resetting passwords for other users → Resetting password

2. Security management

  1. Making two-factor authentication (2FA) compulsory for all users → Making two-factor authentication (2FA) compulsory
  2. Removing 2FA devices – Removing two-factor authentication devices → Device with authentication app lost – reset 2FA

3. Form management

  1. Terminating form editing – Terminating editing of a form by other users

4. Group management

  1. Creating groups for organising users → Creating groups and adding members
  2. Assigning users to groups for structured authorisations → Adding or removing users from groups
  3. Configuring group authorisations → Specifying permissions for submissions

5. Authorisations for submissions

What are submissions?
Submissions are the form data that is sent in by website visitors. This data is sensitive and business-critical, and must therefore be well-protected.

Group-related rights

  1. Show submissions: View form data → Submissions area
  2. Export submissions: Download data as CSV/Excel → Exporting submissions
  3. Delete submissions: Remove individual submissions → Deleting submissions

Scope

  1. Individual forms: Rights apply only for specific forms
  2. All forms: Rights apply for all of the organisation’s forms

Specifying permissions for submissions

6. System configuration

Website integration

Manage domains and subdomains on which forms can be embedded → Adding domains

Adding domains

  1. Select and configure captcha methods → Changing the CAPTCHA provider

API client management

  1. Create API clients → Creating API clients
  2. Deactivate API clients → Deactivating API clients
  3. Delete API clients → Deleting API clients
  4. Reset client secret → Resetting a Client secret

Subscription management

  1. View current plan limit and switch plans → Plan limits

Important security notes

  1. Grant admin rights sparingly - only to trustworthy individuals
  2. Make regular checks of who has which rights
  3. Delete accounts of former employees immediately

Other security precautions

Feedback

Was this article helpful?

Page 1/2
ISO/IEC 27001 Icon
IT-Mittelstand Software Hosted in Germany
IT-Mittelstand Software Made in Germany