This article is part of the Security & Permissions Guide
When using Advanced Permissions, you can set up and assign profiles to limit a user's ability to access and change records.
How profiles work
Profiles grant levels of access to records based on the record type and permissions that are selected.
Users can read, create, edit, or delete records based on the profile they're assigned to. Alternatively, profiles can be set up to prevent certain users from deleting items, editing records, or even seeing entire tabs.
For example, a Project Management profile could have permissions to create, edit, and delete Projects and tasks, but could be restricted from reading Leads and Opportunities. In that case, anyone assigned to that profile wouldn't see the Leads tab or Opportunities tab or see any of those types of records in Insightly.
Some permissions are dependent on others. For example, a profile cannot edit Contacts unless it's able to read them.
Available profile settings:
- Read - Can view this type of record and its navigation tab
- Create - Can create new records of this type
- Edit - Can make changes to the records they have access to
- Delete - Can delete records that they have access to
- Read All - Can read all records of this type, regardless of role or sharing rules
- Modify All - Can create, edit, or delete all records of the selected type, regardless of role or sharing rules
Planning your profiles
When planning your profiles, think about grouping your users by the access they need based on the available options.
If you want to keep things simple, you could create two profiles, a "Read-Only" profile to allow some users to view all record types, and a "Full Access" profile that allows other users to read, create, edit, and delete records.
You’ll want to start by considering the job positions you're familiar with and start creating profiles based on what each team member needs access to. The larger your organization, the more complex your profile list could be.
Create a profile that prevents lower level employees from viewing Quotes. The records may have sensitive information that should only be handled by the record’s owner.
Create a profile that only allows sales managers to delete Leads so the manager has the chance to step in and try to save the potential client.
Create a profile for the head of your department that allows them to modify all records, bypassing any role or sharing rules in place.
- Advanced Permissions must be enabled to use profiles.
- You will be able to give each profile a name. We recommend using distinct names to avoid confusion.
- Read All and Modify All profile settings will override all Roles and Sharing Rules.
- To review a record’s security details, including the profiles that have access to the record, click the padlock icon next to the title of the open record.
- If you choose to assign a user a profile and that user has already been assigned to another profile, they will be removed from their existing profile and reassigned.
- Assigning an Insightly administrator to a custom profile will revoke that user's administrative privileges.
Please read the following article to learn more: