Celonis Product Documentation

My Inbox: Allows the user to access the My Inbox site. This is the typical permission assigned to a business user and allows the business user to interact (read, assign, comment, etc.) with any existing Signals to which they are subscribed.

Manage Skills: User can create Projects and then create and edit Skills and Routing Rules within those Projects. Can also assign other users the permissions to edit Skills within those Projects. This permission is required for the Action Engine configuration.

Access All Projects: Allows the user to access all existing Projects, as well as the Skills and Routing Rules within those Projects.

Create Projects: The user has access to the inbox and can create new projects.

View Agents: The user can view the list of agents on the Automation global page.

Manage Permissions: The user can update permissions related to automation.

Register Agents: The user can register new agents in the EMS team. This means that the user can create a connection between the agent installed in a customer’s on-prem environment and the EMS team.

Edit Agents: The user can edit or delete agents on the Automation global page.

Use All Data Models: The user has "use" permission on all Data Models of this team. The user can assign any Data Model from any Data Pool to a variable in Studio and use the model from there. This does not give any permissions to access or make changes in Data Integration, but they can use the data from the Data Model to build Analysis/Views in Studio. Does not provide access to raw data, only to the transformed data stored in a Data Model from Studio/Process Analytics.

Create Data Pools: The user can create new Data Pools in Data Integration and will automatically have Manage Pool Permissions in those new pools. The user will be an Admin user for the newly created Data Pool. The user can also create new Data Pools, including access to raw and transformed data.

Manage All Data Pools: The user has "edit" permissions and can perform all operations, including sensitive ones, on all Data Pools of this team. This includes access to raw and transformed data.

Get: Definition to be provided.

Create: Definition to be provided.

Delete: Definition to be provided.

Admin: Definition to be provided.

List: Definition to be provided.

Use All Apps: The user can use all existing Apps.

Use All MLFlows: The user can use all existing MLFlows.

Use All Schedulers: The user can run and see the logs of all schedulers.

Manage All Apps: The user can edit, upgrade, delete, and update the associated application key and update the permissions for all Apps.

Manage All ML Flows: The user can edit or delete MLFlow instances.

Create Workspaces: The user can create workspaces.

Manage All Workspaces: The user can edit or delete all workspaces.

Create Apps: The user can create new Apps.

Create ML Flows: The user can create new MLFlow instances.

View Configuration: The user has access to the configuration page.

Create Schedulers: The user can create new schedulers.

Edit Schedulers: The user can edit the schedulers.

Delete Schedulers: The user can delete the schedulers.

Manage Schedulers Permissions: The user can update the scheduler permissions.

Use All Analyses: The user can only see and use the analyses created in the team.

Create Analyses: The user can create new analyses across all workspaces. They can also delete and add permissions to any analysis they have created.

Edit All Analyses: The user can edit all existing analyses across all workspaces, but they cannot delete or create analysis.

Edit All Workspaces: The user can edit all existing workspaces such as renaming, but they cannot delete or create workspaces.

Create Workspace: The user can create new workspaces or duplicate workspaces. They can also delete and add permissions to a workspace they have created.

Export Content: The user can export analyses and process information via JSON format across all workspaces.

Move To: The user can move analyses from within all workspaces to other workspaces.

Manage Permissions: The user can manage both workspace and analysis permissions across the team.

Delete All Workspaces: The user can delete all workspaces across the team, which will also delete what is in the workspace.

Delete All Analyses: The user can delete all analyses within each workspace across the team.

Use Categories: The user can only see categories in the process repository to which they are being granted permission.

Create and Modify Categories: The user can create and modify categories in the process repository, as well as view existing categories.

Modify Existing Categories: The user can modify existing categories in the process repository to which they are being granted permission.

Delete Existing Categories: The user can delete existing categories in the process repository to which they are being granted permission.

Create Space: The user can see the name of the default space and can create new spaces. The user can delete and grant permission to spaces they create.

Edit All Spaces: The user can edit existing spaces in the team such as rename, but cannot delete or create spaces.

Delete All Spaces: The user can create, edit, delete and set permissions to spaces and content they have created, unless permissions are removed. They cannot delete other spaces unless this permission is combined with Edit All Spaces.

Manage Permissions: The user can create, edit, delete and set permissions to spaces and content they have created, unless permissions are removed. They cannot manage permissions to other spaces unless this permission is combined with Edit All Spaces.

No Studio Permissions Set: The user can create, edit, delete and set permissions to spaces and content they have created, unless permissions are removed. They cannot see other spaces.

Use All Packages: The user can "use" all content in the granted space from within Apps. The space content is not accessible via Studio.

Create Package: The user can see the name of the space to which they have been granted and can create new packages within it. The user can delete and grant permission to any packages they have created.

Edit Space: The user can see the name of the space to which they have been granted and can edit the space name.

Edit All Packages: The user can edit all packages and assets within the space they have been granted, they cannot delete anything.

Delete Space: The user can delete the space to which they have been granted access and everything in it.

Delete All Packages: Shows the space, but no packages will be shown.

Manage Permissions: The user can manage the permissions of the space to which they are granted access.

Use Package: The user can “use” any package they have been granted in Apps.

Edit Package: The user can edit the package and create, edit all assets within the package, they cannot delete anything.

Delete Package: When checked alone, the user can only see the space they have been granted, but cannot do anything. This permission must be combined with Edit Package to work.

Manage Permissions: When checked alone, this does nothing other than show the space, with no packages shown. This permission must be combined with Edit Package to work.

Use: Shows the space, but no packages will be shown.

Edit Client Settings: Grants permissions to see and edit everything in the "Client Setups" menu.

Edit Users: Grants permissions to see and edit everything in the "Users & Invite" menu.

Import Members: Definition to be provided.

Use Audit Logs API: The granted user can now configure an API to export audit logs.

Use Login History API: The granted user can now configure an API to export login history logs.

Manage Audit Logs: The granted user gets limited access to Admin & Settings, but can only see Audit Logs in the menu.

Manage Login History: The granted user gets limited access to Admin & Settings, but can only see login history in the menu.

Manage General Settings: The granted user gets limited access to Admin & Settings, but can only see Settings in the menu.

Manage SSO Settings: The granted user gets limited access to Admin & Settings, but can only see Single sign-on in the menu.

Manage Members: The granted user gets limited access to Admin & Settings, but can only see Users in the menu.

Manage Groups: The granted user gets limited access to Admin & Settings, but can only see Groups in the menu.

Manage Applications: The granted user gets limited access to Admin & Settings, but can only see Applications in the menu.

Manage Permissions: The granted user gets limited access to Admin & Settings, but can only see Permissions in the menu.

Manage Member Locking Policy: The granted user gets limited access to Admin & Settings, but can only see User locking policy in the menu.

Manage License Settings: The granted user gets limited access to Admin & Settings, but can only see License in the menu.

Manage Admin Notifications: The granted user gets limited access to Admin & Settings, but can only see Notifications in the menu.

Manage Uplink Integrations: The granted user gets limited access to Admin & Settings, but can only see Uplink integrations in the menu.

Manage Permissions Overview: The granted user gets limited access to Admin & Settings, but can only see Permissions in the menu.

Manage User Adoption Preferences: The granted user gets limited access to Admin & Settings, but can only see User Adoption Preferences (if enabled) in the menu.

Manage Adoptions Views: The granted user gets limited access to Admin & Settings, but can only see User Adoption Views in the menu.

View Objective: The user can see all objectives in Transformation Center.

Create Objective: The user can create new objectives and reports but cannot see or use any existing ones.

Edit Objective: The user can see, edit and rename all objectives but cannot delete or create.

Delete Objective: The user can see and delete all objectives but cannot edit, create or rename.

Create KPI: The user can only create a new KPI. They cannot see existing objectives.

Export Content: The user cannot see anything with just this permissions checked. This must be combined with the View Objective permission and then all objectives are visible and the user can only export content.

Move To: Definition to be provided.

Manage Permissions: The user cannot see anything with just this permission checked. This must be combined with the View Objective permission and then all objectives are visible and the user can only manage permissions.

View Objective: The user can see the workspace, but they cannot see anything within it.

Edit Objective: The user can rename the workspace, but they cannot see anything within it.

Create KPI: The user cannot see anything with just this permission checked. This must be combined with the View Objective permission and then the user can create a new KPI.

Delete Objective: The user can delete the workspace, but they cannot see anything within it.

Manage Permissions: The user cannot see anything with just this permissions checked. This must be combined with the View Objective permission and then the user can manage permissions for the workspace.

View KPI: The user can view the KPI within the objective.

Edit KPI: The user can edit, duplicate the KPI within the objective, but they cannot delete it.

Delete KPI: The user can delete the KPI within the objective, but they cannot edit or duplicate it.

Manage Permissions: The user cannot see anything with just this permissions checked. This must be combined with the View KPI permission and then the user can manage permissions for the KPI.

SCIM: The user can configure the SCIM API for user provisioning (If enabled).