There are three levels you'll need to be aware of when it comes to Security. Users, Groups, and Permissions.
Users
Users are pretty self explanatory.
You can manage Users at
Administration > Manage your Groups and Users > Users Tab. Here you can do things like modify the user's name, department, account status, and groups.
Groups
Groups are simply containers to put users in. A user can be a member of many groups.
You can manage Users at
Administration > Manage your Groups and Users > Groups Tab. Here you can add/edit/delete user groups, as well as manage which users belong to each one.
Permissions
Permissions come in four flavors: Applications, Client Tabs, Application Actions, and User Lists.
-
Think of Applications as, "What tabs on the Main Menu can this user see?".
-
Think of Client Tabs as, "Which tabs can the user see when a client record is open?".
-
Application Actions are all the various actions possible throughout the system. (Does this user have the ability to add, edit, delete something?)
-
Users Lists are less of a permission and more of an association. This is where you tell the system which groups to use to populate certain user pickers throughout the system.
You can manage Permissions at
Administration > Manage your Application Security and User Lists.
Adding a new user
This is a two step process
1. Invite the user.
Go to Administration > Manage your Groups and Users, click the green plus button at the top of the list, and invite the user there.
2. Add the new user to the proper user groups.
You'll want to do this immediately after you invite them, before they actually accept the invitation and register. This will ensure they have the proper permissions and can see and do everything they need right when they log in for the first time.
How do I know which groups to add the user to?
The most effective way is to find an existing user that has a similar job description and similar permission requirements and look at which groups they're in. Chances are the new users isn't all that different than someone who already exists.
If you can't find someone similar, or this is a new type of job description, or maybe you just want to do it manually, you'll need to look through each permission and figure out which group(s) are common amongst them and which groups would fit that new user.
Hints/Tips
Here are a couple things to help you along the way.
Filter the permissions list
Some of those tabs can have a ton of permission listed inside. Type a few letters into the Filter box at the top left and the list will search for permissions that match your query.
View By Permission/Group
Depending on your intent, you may want to view the permissions list by permission or by group. If you're adding a brand new group to the system, you'll want to view the list by group at the top right. This will allow you to choose your new group and add all the permissions it needs in one place. If you're just tweaking a permission or two, you'll want to view by permission. This allows you to see each permission and work with them one by one.
View the Security Matrix
There are a lot of permissions, and a lot of groups, and even more users. How are you supposed to get a big picture of exactly who is in what group, and who can do what? At the top of the page is a PDF icon. Click on that to print out the Security Matrix report. This is a huge report that will break everything down from multiple viewpoints and show you exactly what's going on.