Case Management Permissions
In the Case Management feature, user access is controlled through roles, which define what actions each user can perform such as viewing cases, creating cases, closing cases, editing cases or managing Case Management settings.
There are two types of role scopes in the Blink Platform:
- Tenant roles grant access across the entire tenant, including settings and global resources.
- Workspace roles control access within individual workspaces, including Case Management and workflow-related permissions.
Blink provides a set of built-in user roles for both scopes. In addition, you can define custom roles to tailor permissions to your specific needs. For example, limiting a user’s ability to manage settings while still allowing them to work on cases.
In Case Management specifically, access is governed by Workspace roles. Each user is assigned a role within each workspace they are a member of. You can assign built-in roles like Owner, Contributor, Viewer, or Case Management Guest, or create custom roles that fit your organizational structure.
Case Management Permission Hierarchy
When assigning case management permissions, it is important to understand how each permission relates to the others in terms of hierarchy:
-
Having the
case_management:editpermission allows a user to create and modify cases. However, does not grant the ability to close (case_management:close_case) or delete (case_management:delete_case) cases. -
The
case_management:close_caseandcase_management:delete_casepermissions are considered higher in the permissions hierarchy.- Assigning a user the
case_management:close_casepermission automatically grants them the ability close a case to edit cases (case_management:edit), even if that permission has not been explicitly assigned. However, it does not grant them the ability to delete cases (case_management:delete_case). - Similarly, assigning a user the
case_management:delete_casepermission automatically grants them the ability to delete cases and edit cases (case_management:edit), even without explicitly assigning that permission. However, it does not allow them to close cases (case_management:close_case).
- Assigning a user the
-
The
case_management:adminpermission sits at the top of the hierarchy. It grants full control over case management, including editing, closing, and deleting cases, as well as managing related settings.
Workspace Role Scope (Built in)
Owner
Users assigned the Owner workspace role have full administrative access to all cases and settings within the workspace. This role is intended for users who need complete control over case operations and configurations.
Owner Role Permissions
Owner Role Permissions
| Feature | Description | Permissions | Access |
|---|---|---|---|
| Case Management | View existing cases | case_management:view | |
| Case Management | View and edit only the cases shared with the user and their groups, including any linked entities | case_management:restricted | |
| Case Management | Create and edit cases. | case_management:edit | |
| Case Management | Close Case. | case_management:close_case | |
| Case Management | Delete Cases. | case_management:delete_case | |
| Case Management | Manage case management settings. | case_management:admin | |
| Connections | View existing connections | connections:view | |
| Connections | Create and edit connections | connections:edit | |
| Global Variables | View existing global variables | global_variables:view | |
| Global Variables | Create and edit global variables | global_variables:edit | |
| Runners | View existing runners | runners:view | |
| Runners | Create and edit runners | runners:edit | |
| Tables | View existing tables | tables:view | |
| Tables | Create and edit tables | tables:edit | |
| Tables | Create and edit tables | tables:edit | |
| Workflows | View existing workflows | Workflow:view | |
| Workflows | Publish Workflows | workflow:publish | |
| Workflows | Create and edit workflows | workflow:edit | |
| Workflows | Approve Workflows | workflow:approve | |
| Workspaces | Share workspaces resources | workspaces:share | |
| Workspaces | Update workspace settings | workspaces:edit | |
| Workspaces | Delete workspaces | workspaces:delete |
Contributor
Users assigned the Contributor user role can fully build and maintain workflows and case-related entities like tables, runners, and global variables. They have full edit access across case and workflow objects, including the ability to edit Case Management permissions, but cannot configure workspace settings.
Contributor Role Permissions
Contributor Role Permissions
| Feature | Description | Scope | Access |
|---|---|---|---|
| Case Management | View existing cases | case_management:view | |
| Case Management | View and edit only the cases shared with the user and their groups, including any linked entities | case_management:restricted | |
| Case Management | Create and edit cases. | case_management:edit | |
| Case Management | Close Case. | case_management:close_case | |
| Case Management | Delete Cases. | case_management:delete_case | |
| Case Management | Manage case management settings. | case_management:admin | |
| Connections | View existing connections | connections:view | |
| Connections | Create and edit connections | connections:edit | |
| Global Variables | View existing global variables | global_variables:view | |
| Global Variables | Create and edit global variables | global_variables:edit | |
| Runners | View existing runners | runners:view | |
| Runners | Create and edit runners | runners:edit | |
| Tables | View existing tables | tables:view | |
| Tables | Create and edit tables | tables:edit | |
| Tables | Create and edit tables | tables:edit | |
| Workflows | View existing workflows | Workflow:view | |
| Workflows | Publish Workflows | workflow:publish | |
| Workflows | Create and edit workflows | workflow:edit | |
| Workflows | Approve Workflows | workflow:approve | |
| Workspaces | Share workspaces resources | workspaces:share | |
| Workspaces | Update workspace settings | workspaces:edit | |
| Workspaces | Delete workspaces | workspaces:delete |
Viewer
Users assigned the Viewer user role only have permissions to observe existing cases, including any linked entities, without the ability to edit or create them.
Viewer Role Permission
Viewer Role Permission
| Feature | Description | Permissions | Access |
|---|---|---|---|
| Case Management | View existing cases | case_management:view | |
| Case Management | View and edit only the cases shared with the user and their groups, including any linked entities | case_management:restricted | |
| Case Management | Create and edit cases. | case_management:edit | |
| Case Management | Close Cases | case_management:close_case | |
| Case Management | Delete Cases. | case_management:delete_case | |
| Case Management | Manage case management settings. | case_management:admin | |
| Connections | View existing connections | connections:view | |
| Connections | Create and edit connections | connections:edit | |
| Global Variables | View existing global variables | global_variables:view | |
| Global Variables | Create and edit global variables | global_variables:edit | |
| Runners | View existing runners | runners:view | |
| Runners | Create and edit runners | runners:edit | |
| Tables | View existing tables | tables:view | |
| Tables | Create and edit tables | tables:edit | |
| Tables | Create and edit tables | tables:edit | |
| Workflows | View existing workflows | Workflow:view | |
| Workflows | Publish Workflows | workflow:publish | |
| Workflows | Create and edit workflows | workflow:edit | |
| Workflows | Approve Workflows | workflow:approve | |
| Workspaces | Share workspaces resources | workspaces:share | |
| Workspaces | Update workspace settings | workspaces:edit | |
| Workspaces | Delete workspaces | workspaces:delete |
Case Management Guest
Users assigned the Case Management Guest role are granted view or edit permissions only for cases shared with the user and their groups, including any linked entities.
Case Management Guest
Case Management Guest
| Feature | Description | Permissions | Access |
|---|---|---|---|
| Case Management | View existing cases | case_management:view | |
| Case Management | View and edit only the cases shared with the user and their groups, including any linked entities | case_management:restricted | |
| Case Management | Create and edit cases. | case_management:edit | |
| Case Management | Close Case. | case_management:close_case | |
| Case Management | Delete Cases. | case_management:delete_case | |
| Case Management | Manage case management settings. | case_management:admin | |
| Connections | View existing connections | connections:view | |
| Connections | Create and edit connections | connections:edit | |
| Global Variables | View existing global variables | global_variables:view | |
| Global Variables | Create and edit global variables | global_variables:edit | |
| Runners | View existing runners | runners:view | |
| Runners | Create and edit runners | runners:edit | |
| Tables | View existing tables | tables:view | |
| Tables | Create and edit tables | tables:edit | |
| Tables | Create and edit tables | tables:edit | |
| Workflows | View existing workflows | Workflow:view | |
| Workflows | Publish Workflows | workflow:publish | |
| Workflows | Create and edit workflows | workflow:edit | |
| Workflows | Approve Workflows | workflow:approve | |
| Workspaces | Share workspaces resources | workspaces:share | |
| Workspaces | Update workspace settings | workspaces:edit | |
| Workspaces | Delete workspaces | workspaces:delete |
How to Create Custom Roles
How to Create Custom Roles
The custom roles shown in this section is purely based on our recommendations for optimal visibility and usability. However, there is absolutely no obligation to follow these recommendations Clients have full control and discretion over how they choose to configure their custom roles. These recommendations are intended only as helpful guidance, your team is encouraged to customize the roles based on your specific needs, preferences, and workflows.
In order to create custom roles and permissions, you need to create a custom workspace role which allows users to create and edit cases while restricting the ability to make changes to settings.
Navigate to Roles Settings
Navigate to the ‘Roles’ Tab, in settings and in the top-right corner, click on ‘New Role’ button in the top right-corner.
A dialogue box will open, displaying all user roles and their permissions.
Fill in the Necessary Details
Add a Role Name and a Role Description.
Choose the Workspace Role
Select the ‘Workspace Role’ option under the Role Scope section.
Choose Permissions
Choose permissions based on the custom role you wish to create
Workspace Role Scope (Custom)
The roles outlined below are custom role configurations designed to help you get started with managing permissions in your workspace. These are recommended templates based on common user needs and responsibilities, particularly within the Case Management feature.
Use these custom roles as a baseline to guide your setup:
SOC Analyst Role
Users assigned to the custom Case Management SOC Analyst user role can run workflows and manage cases but cannot edit workflows or system settings. They have full access to case creation and deletion, and read-only access to workflows, connections, and environment data.
The custom SOC Analyst role will use the built-in Tenant Guest role on the Tenant Scope.
Workspace Scope Permissions
Workspace Scope Permissions
| Features | Description | Scope | Access |
|---|---|---|---|
| Case Management | View existing cases | case_management:view | |
| Case Management | View and edit only the cases shared with the user and their groups, including any linked entities | case_management:restricted | |
| Case Management | Create and edit cases. | case_management:edit | |
| Case Management | Close Case. | case_management:close_case | |
| Case Management | Delete Cases. | case_management:delete_case | |
| Case Management | Manage case management settings. | case_management:admin | |
| Connections | View existing connections | connections:view | |
| Connections | Create and edit connections | connections:edit | |
| Global Variables | View existing global variables | global_variables:view | |
| Global Variables | Create and edit global variables | global_variables:edit | |
| Runners | View existing runners | runners:view | |
| Runners | Create and edit runners | runners:edit | |
| Tables | View existing tables | tables:view | |
| Tables | Create and edit tables | tables:edit | |
| Workflows | View existing workflows | Workflow:view | |
| Workflows | Publish Workflows | workflow:publish | |
| Workflows | Create and edit workflows | workflow:edit | |
| Workflows | Approve Workflows | workflow:approve | |
| Workspaces | Share workspaces resources | workspaces:share | |
| Workspaces | Update workspace settings | workspaces:edit | |
| Workspaces | Delete workspaces | workspaces:delete |
Builder Role
Users assigned to the custom Case Management Builder user role can fully create and modify workflows and cases. They have broad access to build workflows, edit workflows, approve workflows and manage case data but limited access to workspace configuration.
The custom Case Management Builder role will use the built-in Builder role on the Tenant Scope.
Workspace Scope Permissions
Workspace Scope Permissions
| Features | Description | Scope | Access |
|---|---|---|---|
| Case Management | View existing cases | case_management:view | |
| Case Management | View and edit only the cases shared with the user and their groups, including any linked entities | case_management:restricted | |
| Case Management | Create and edit cases. | case_management:edit | |
| Case Management | Close Case. | case_management:close_case | |
| Case Management | Delete Cases. | case_management:delete_case | |
| Case Management | Manage case management settings | case_management:admin | |
| Connections | View existing connections | connections:view | |
| Connections | Create and edit connections | connections:edit | |
| Global Variables | View existing global variables | global_variables:view | |
| Global Variables | Create and edit global variables | global_variables:edit | |
| Runners | View existing runners | runners:view | |
| Runners | Create and edit runners | runners:edit | |
| Tables | View existing tables | tables:view | |
| Tables | Create and edit tables | tables:edit | |
| Workflows | View existing workflows | Workflow:view | |
| Workflows | Publish Workflows | workflow:publish | |
| Workflows | Create and edit workflows | workflow:edit | |
| Workflows | Approve Workflows | workflow:approve | |
| Workspaces | Share workspaces resources | workspaces:share | |
| Workspaces | Update workspace settings | workspaces:edit | |
| Workspaces | Delete workspaces | workspaces:delete |
Admin Role
Users assigned the custom Case Management Admin user role can fully build and maintain workflows and case-related features like tables, runners, and global variables. They have full edit access across case and workflow objects but cannot configure workspace settings.
The custom Case Management Admin role will use the built-in Admin role on the Tenant Scope.
Workspace Scope Permissions
Workspace Scope Permissions
| Features | Description | Scope | Access |
|---|---|---|---|
| Case Management | View existing cases | case_management:view | |
| Case Management | View and edit only the cases shared with the user and their groups, including any linked entities | case_management:restricted | |
| Case Management | Create and edit cases. | case_management:edit | |
| Case Management | Close Case. | case_management:close_case | |
| Case Management | Delete Cases. | case_management:delete_case | |
| Case Management | Manage case management settings. | case_management:admin | |
| Connections | View existing connections | connections:view | |
| Connections | Create and edit connections | connections:edit | |
| Global Variables | View existing global variables | global_variables:view | |
| Global Variables | Create and edit global variables | global_variables:edit | |
| Runners | View existing runners | runners:view | |
| Runners | Create and edit runners | runners:edit | |
| Tables | View existing tables | tables:view | |
| Tables | Create and edit tables | tables:edit | |
| Workflows | View existing workflows | Workflow:view | |
| Workflows | Publish Workflows | workflow:publish | |
| Workflows | Create and edit workflows | workflow:edit | |
| Workflows | Approve Workflows | workflow:approve | |
| Workspaces | Share workspaces resources | workspaces:share | |
| Workspaces | Update workspace settings | workspaces:edit | |
| Workspaces | Delete workspaces | workspaces:delete |