Team Access and Permissions

Permission System Overview

Buckets provides a flexible permission system that allows you to control who can access, view, and manage your feedback data. Understanding these permissions is crucial for maintaining data security and team collaboration.

Permission Levels

🔒 Owner

• Full access to all features
• Manage team members
• Configure integrations
• Delete buckets and data
• Billing and subscription management
• System administration

👑 Admin

• Create and manage buckets
• Invite team members
• Configure settings
• Access analytics
• Manage integrations
• Cannot delete account

👥 Member

• View assigned buckets
• Add and edit feedback
• Use search features
• Access basic analytics
• Cannot manage settings
• Cannot invite others

👀 Viewer

• Read-only access
• View feedback and reports
• Use search functionality
• Cannot edit or delete
• Limited analytics access
• Cannot invite others

🔗 Guest

• Temporary access
• Limited to specific buckets
• Time-limited access
• Cannot see team members
• Basic feedback viewing
• Auto-expires

Bucket-Level Permissions

Granular Access Control

Each bucket can have different permission settings, allowing you to control access at a granular level:

Access Types

• Public: All team members can access
• Private: Only invited members
• Restricted: Specific permission levels
• Guest Access: Temporary external access

Permission Actions

• View: Read feedback and reports
• Edit: Modify feedback and comments
• Manage: Configure bucket settings
• Delete: Remove feedback and data

Managing Team Members

Inviting Team Members

Step 1: Send Invitations

• Go to Team Settings in your dashboard
• Click "Invite Team Member"
• Enter email addresses
• Select initial permission level
• Add custom message (optional)

Step 2: Assign Bucket Access

• Select which buckets they can access
• Set bucket-specific permissions
• Configure notification preferences
• Set up role-based access

Role Management

Custom Roles

• Create custom permission sets
• Define specific capabilities
• Assign to multiple team members
• Update permissions easily

Bulk Management

• Update multiple members at once
• Copy permissions between users
• Export permission reports
• Audit access changes

Security Best Practices

✅ Security Recommendations

• Use principle of least privilege
• Regularly review and audit permissions
• Enable two-factor authentication
• Remove access for departed team members
• Use strong, unique passwords
• Monitor access logs regularly

Access Monitoring

• Activity Logs: Track who accessed what and when
• Permission Changes: Monitor permission modifications
• Failed Access Attempts: Security alert system
• Data Export Tracking: Monitor data downloads
• Integration Access: Track third-party app usage

Common Permission Scenarios

Scenario 1: Product Team

Setup: Product managers need full access, designers need view/edit access, developers need specific bucket access.

• PMs: Admin role with all buckets
• Designers: Member role with design-related buckets
• Developers: Member role with technical buckets

Scenario 2: Customer Support

Setup: Support team needs access to customer feedback, managers need analytics, external contractors need limited access.

• Support Agents: Member role with customer buckets
• Support Managers: Admin role with analytics
• Contractors: Guest role with time-limited access

Scenario 3: Multi-Department

Setup: Different departments need access to their own buckets with some shared access for collaboration.

• Department Heads: Admin role for their buckets
• Team Members: Member role for department buckets
• Cross-functional: Viewer role for shared buckets

Troubleshooting Permissions

Common Issues

• Can't see bucket: Check bucket permissions and team membership
• Can't edit feedback: Verify edit permissions for the bucket
• Missing notifications: Check notification settings and permissions
• Integration issues: Ensure proper Slack/API permissions

Permission Audit Checklist

• Review all team member access levels monthly
• Check for inactive or departed team members
• Verify bucket permissions match team structure
• Test permissions from different user accounts
• Review integration permissions and access
• Update permissions when team roles change

💡 Pro Tip

Start with restrictive permissions and gradually open up access as needed. It's easier to grant additional permissions than to revoke them after they've been used.