Skip to main content

Celonis Product Documentation

Assigning granular user permissions

While Celonis Platform admins have a defined set of permissions, you must assign permissions to your analysts, members, and groups of users within your team.

You can assign granular permissions based on service, container, and object levels within your Celonis Platform team. These levels work on a hierarchy, with the highest level (the service level) overriding any conflicts in either the container or object level.

Hierarchy_of_permissions.png
Service level

This is the highest level, giving user permissions across a service within your Celonis Platform , such as the Studio. In this example, you are granting the user permissions to the whole Studio. 

To set service level permissions, click Admin & Settings - Permissions and then edit the relevant service.

A screenshot showing where to edit service level user permissions
Container level

This is the top-level object within a service, such as Studio - Space. In this example, you are granting the user permissions within just the space.

To set container level permissions, once inside the service click Options - Permissions:

A screenshot showing where to assign container level permissions.
Object level

This is the specific object within a container, such as Studio - Space - Package. In this example, you are granting the user permissions within just the package.

To set object level permissions, once inside the space click Options - Permissions:

A screenshot showing where to set object level permissions.
Permissions overview

To help you identify the permissions you need to set, use this table.

Service

Container

Object

Data Integration

Data Pool

Data Model

Studio

Space

View / Analysis / Action Flow / Data Explorer / Skill

Action Engine

Project

Skill* (N/A)

Machine Learning

Workspace

App

Process Analytics

Workspace

Analysis

Process Automation

Agents* (N/A)

Process Repository

Category

Transformation Center

Objective

KPI* (N/A)

*Permissions can’t be assigned to these objects.

For example, the Studio service needs service level permissions, a studio package needs container level permissions, and a views, analysis, action flows, data explorers, and skills needs object level permissions.

Hierarchy_of_permissions_example.png

You have the option to control Access and permissions to view, edit, and activate them. When you request activation of this feature, we’ll remove access to Action Flows for users with the Analyst role by default.