Working with roles and access rights

Updated by Leigh Hutchens

Read more about role management here and access rights here. You can even watch a short video tutorial here!

Depending on their role, Quinyx users require access to different functional groups of the application. Setting access rights allows you a straightforward way to configure user permissions that reflect the needs of individual users.

Roles and access rights for the web app

Roles and access rights / Roles

A role defines access rights in Quinyx. You can manage the access rights for each role by clicking Edit role, and then give the role one of three options:

No access

Read access

Write access

Examples of roles include:

  • Account owner full access
  • HR administrator - TTP
  • Attesting manager
  • Scheduler

Roles and access rights / Levels

Level: Determines which other roles you can see the employee details for in the structure.

Example: A level 2 manager can't see users with the same level or higher in the People tab. Level 2 managers are able to see managers in level 3, 4 or lower if these managers have access to the same district, unit, or section.

In addition, from the People tab you can assign someone the same role as yourself or below on any unit, section, etc. that you have access to in the organization. Practically, this means that if you're a level 3 manager, you will be able to add any role for an employee up to your current highest role in the group that you and the employee have access to.

Employees are visible to everyone with a manager role.

Highest-level role managers will be able to see each other in the People tab i.e. if level 1 is the highest level then managers having roles from that level will be able to see each other in the People tab
A manager that is to be scheduled in Quinyx also needs the role of Employee in the unit/section where the schedule will be rolled out. Essentially allowing them to have two roles in one unit/section.
A level 3 manager, looking in People, will not be able to see inherited or direct members on levels above, but will be able to see inherited and direct members on levels below.

Examples include:

Level roles visibility

The list of people you can see logged in as a Level 1 manager is longer than the one I see as Level 3. This is because the Level 3 manager is not able to see the Level 1 manager:

Logged in as Level 1 manager

Logged in as Level 3 manager

Please note that with role levels, you can only see those whose role level is below your highest role level.
The role Employee will make anyone visible in the Schedule and will allow you to schedule that employee/user on the specified unit/section.

Roles and access rights /Organization

The organization is built up of different types. Customer, District, Unit, and Section.

To give access to an employee, you must add them as a member to the “type” they will have access to. They will then also be inherited with the same role to all types directly under the one you add them to. 

This means that if you add someone on the district level to “District 2” they will be inherited with the same role and access rights to all units and sections in that district:

Inherited roles

The inheritance logic regarding the members will give access to a user to all the belonging types in the organization structure. 

When you have a role on a unit, you will automatically also have access to any sections on that unit. The role you have in the section will then be inherited from the unit. It works the same way if you have a role that can access a district. All units and sections under that district will then be available for you.

For example:

Below is another example showing that a role can have very limited access in the organization: 

Roles and access rights / Organization

Which part of the organization you give access to controls what parts you can access, while the role controls what you can do in those parts.

For example, you have a role as an attesting manager in North which gives that manager access to the whole district as an inherited member:

Here is another example of showing that a role can have very limited access in the organization: 

Roles and access rights to Account settings

To access Account settings you need to have the permission for account settings set to Write access, and you also need to have a role on the Customer level. 

Since Account settings affect the entire account, we recommend that it should only be accessible by a few users.

Roles and access rights for the phone app

The access rights for the phone app are managed through the Staff Categories. Everyone will be assigned a Staff Category, even managers, and the Staff Category will control the access rights for the part they are able to access from the employee perspective. 

There are also a few access rights in the mobile app that are controlled by the role the manager has been assigned.

Read more about how the roles and staff categories controls the access for employees and managers here.

Video tutorial - assign roles in Quinyx

Please watch our video tutorial for a step-by-step guide of how to assign roles in Quinyx.

Roles and access rights for the staff portal and Mobile app

Navigate to Account settings > Access rights > Mobile and staff portal permissions. Click Add in the top-right corner to add a staff category.

Once it’s been created, click Edit to adjust the permissions in the panel that opens on the right side of your screen.

When the option of the permission only has an open or a closed eye, that means that if the eye is open (the access is on) you can see it in the app and you can use it. 

When there are three options, means that if you have the read access you will see but not be able to edit: 

You can read more about how to work with mobile and staff portal permissions here.

How Did We Do?