In the Case Management feature, user access is controlled through roles, which define what actions each user can perform such as viewing cases, creating cases, closing cases, editing cases or managing Case Management settings. There are two types of role scopes in the Blink Platform:
  • Tenant roles grant access across the entire tenant, including settings and global resources.
  • Workspace roles control access within individual workspaces, including Case Management and workflow-related permissions.
Blink provides a set of built-in user roles for both scopes. In addition, you can define custom roles to tailor permissions to your specific needs. For example, limiting a user’s ability to manage settings while still allowing them to work on cases. In Case Management specifically, access is governed by Workspace roles. Each user is assigned a role within each workspace they are a member of. You can assign built-in roles like Owner, Contributor, Viewer, or Case Management Guest, or create custom roles that fit your organizational structure.

Case Management Permission Hierarchy

When assigning case management permissions, it is important to understand how each permission relates to the others in terms of hierarchy:
  • Having the case_management:edit permission allows a user to create and modify cases. However, does not grant the ability to close (case_management:close_case) or delete (case_management:delete_case) cases.
  • The case_management:close_case and case_management:delete_case permissions are considered higher in the permissions hierarchy.
    • Assigning a user the case_management:close_case permission automatically grants them the ability close a case to edit cases (case_management:edit), even if that permission has not been explicitly assigned. However, it does not grant them the ability to delete cases (case_management:delete_case).
    • Similarly, assigning a user the case_management:delete_case permission automatically grants them the ability to delete cases and edit cases (case_management:edit), even without explicitly assigning that permission. However, it does not allow them to close cases (case_management:close_case).
  • The case_management:admin permission sits at the top of the hierarchy. It grants full control over case management, including editing, closing, and deleting cases, as well as managing related settings.

Workspace Role Scope (Built in)

Owner

Users assigned the Owner workspace role have full administrative access to all cases and settings within the workspace. This role is intended for users who need complete control over case operations and configurations.
The Owner user role is a built-in role available within the workspace role scope.

Contributor

Users assigned the Contributor user role can fully build and maintain workflows and case-related entities like tables, runners, and global variables. They have full edit access across case and workflow objects, including the ability to edit Case Management permissions, but cannot configure workspace settings.

Viewer

Users assigned the Viewer user role only have permissions to observe existing cases, including any linked entities, without the ability to edit or create them.
The Viewer user role is a built-in role available within the workspace role scope.

Case Management Guest

Users assigned the Case Management Guest role are granted view or edit permissions only for cases shared with the user and their groups, including any linked entities.
The Case Management Guest user role is a built-in role available within the workspace role scope.

How to Create Custom Roles

How to Create Custom Roles

The custom roles shown in this section is purely based on our recommendations for optimal visibility and usability. However, there is absolutely no obligation to follow these recommendations Clients have full control and discretion over how they choose to configure their custom roles. These recommendations are intended only as helpful guidance, your team is encouraged to customize the roles based on your specific needs, preferences, and workflows.
In order to create custom roles and permissions, you need to create a custom workspace role which allows users to create and edit cases while restricting the ability to make changes to settings.
1

Navigate to Roles Settings

Navigate to the ‘Roles’ Tab, in settings and in the top-right corner, click on ‘New Role’ button in the top right-corner.
2

A dialogue box will open, displaying all user roles and their permissions.
3

Fill in the Necessary Details

Add a Role Name and a Role Description.
4

Choose the Workspace Role

Select the ‘Workspace Role’ option under the Role Scope section.
5

Choose Permissions

Choose permissions based on the custom role you wish to create

Workspace Role Scope (Custom)

The roles outlined below are custom role configurations designed to help you get started with managing permissions in your workspace. These are recommended templates based on common user needs and responsibilities, particularly within the Case Management feature. Use these custom roles as a baseline to guide your setup:

SOC Analyst Role

Users assigned to the custom Case Management SOC Analyst user role can run workflows and manage cases but cannot edit workflows or system settings. They have full access to case creation and deletion, and read-only access to workflows, connections, and environment data. The custom SOC Analyst role will use the built-in Tenant Guest role on the Tenant Scope.

Builder Role

Users assigned to the custom Case Management Builder user role can fully create and modify workflows and cases. They have broad access to build workflows, edit workflows, approve workflows and manage case data but limited access to workspace configuration. The custom Case Management Builder role will use the built-in Builder role on the Tenant Scope.

Admin Role

Users assigned the custom Case Management Admin user role can fully build and maintain workflows and case-related features like tables, runners, and global variables. They have full edit access across case and workflow objects but cannot configure workspace settings. The custom Case Management Admin role will use the built-in Admin role on the Tenant Scope.