Skip to main content
User management controls who can access Sofie and what they can do. Administrators may see pages for Users, Roles, and Groups depending on their permissions.
This guide is for users who manage Sofie access. If you do not see these pages, your account likely does not have the required permissions.

Administration guides

User management

Invite users, review details, assign roles and groups, and handle removal.

Roles and permissions

Design roles, review permission impact, and manage privileged access.

Groups

Organize people by department, site, project, review board, or team.

Organization settings

Manage organization name, brand settings, and authentication policy.

Integration administration

Enable connected app providers and plan rollout for users.

Security Center

Review security events, alerts, access snapshots, and recovery activity.

How access is organized

ConceptUse it for
UserA person with a Sofie account.
RoleA set of permissions that controls what a user can view or change.
GroupA collection of users managed together.
PermissionA specific access capability granted through a role or policy.
Use roles for what people can do. Use groups for who belongs together.

Manage users

Use User Management to:
  • View users.
  • Invite or add users when available.
  • Open user details.
  • Review user access.
  • Move users into the right groups.
  • Assign or change roles when permitted.
Before changing a user:
  • Confirm the person, email, and organization membership.
  • Confirm the business reason for access.
  • Choose the least access needed for the work.
  • Check whether the user needs Workspace membership in addition to app access.

Manage roles

Use Role Management to create and manage roles and their permissions. Good role design:
  • Names match job responsibility.
  • Permissions are narrow enough to understand.
  • Privileged settings are limited to administrators who need them.
  • Roles are reviewed when teams or responsibilities change.
  • Passkey requirements are considered for elevated permissions.
Avoid:
  • Giving broad admin access for temporary tasks.
  • Creating many nearly identical roles.
  • Assigning access without a review owner.
  • Using roles to represent project membership when a Workspace would be better.

Manage groups

Use Group Management to create and manage user groups. Groups work well for:
  • Departments.
  • Project teams.
  • Review boards.
  • Site teams.
  • External collaborator sets when your organization allows them.
Groups should have names that make ownership clear:
  • QA reviewers
  • MSAT tech transfer
  • Validation authors
  • Manufacturing SMEs
  • Regulatory reviewers

Workspace access versus app access

App access lets a user open Sofie features. Workspace access controls whether a user can see and use a specific Workspace and its contents. If a user cannot find expected content, check both:
  • Their role or permission.
  • Their Workspace membership.
Use Manage Workspace files, members, and context for Workspace membership guidance.

Access review habits

Review users, roles, and groups when:
  • A team member changes roles.
  • A project closes.
  • A contractor leaves.
  • A new feature is enabled.
  • A privileged role is assigned.
  • A user no longer needs a Workspace.
Ask:
  • Does this person still need Sofie access?
  • Does this person need this role?
  • Does this person need this Workspace?
  • Does this group still represent a real team?
  • Are privileged users using required security controls?
Access settings can expose shared files, chats, artifacts, and connected app capabilities. Review changes before saving them and follow your organization’s access process.