I like to know what others are doing to have better organization of managing their users against workspaces, bases, and interfaces, specifically within their organization. I have built a number of apps amongst different departments. We have not decided to turn on enterprise hub yet for our enterprise account but we do have SSO. However, I think using groups would be useful as a growing community of users is developing. I’m a little clunky with using groups and will need to a lot of clean up. Structurally this is how I’m laying it out:Workspace per department Product owners of the Base have creator access only at the Base NOT at the Workspace level (Reasons - within the department could have multiple products not meant for other team members thus at the Workspace level gives too much control) Groups - Product owners are Group ManagersMy logic in what I’m thinking to do:At the Base level manage access for creators only Instead of inviting people directly to the base or interface per a permission level as we’ve been doing, have them do SSO to Airtable first, then add them to a Group. Said Group would have specific access controls like Ready Only to the base or interface or bothThus when I look at the list of collaborators for a base or interface I should see something like thisJohn Doe - Creator HR Talent (Group) - Read Only HR Comp (Group) - Read OnlyI think this is cleaner than seeing a laundry list of collaborators.What I want to avoid going forward is the notifications of people to “Grant Access” for bases or interfaces that’s been handed off to Product Owners. Have them self manage people that need to come and go.One thing I’m concerned about is that if the user doesn’t already exist in Airtable they cant be added to the group. The log on and management will be a bit clunky unless I’m missing how this can work out.Thoughts?

User Management - Groups and Access Control

I like to know what others are doing to have better organization of managing their users against workspaces, bases, and interfaces, specifically within their organization. I have built a number of apps amongst different departments. We have not decided to turn on enterprise hub yet for our enterprise account but we do have SSO. However, I think using groups would be useful as a growing community of users is developing. I’m a little clunky with using groups and will need to a lot of clean up.

Structurally this is how I’m laying it out:

Workspace per department
Product owners of the Base have creator access only at the Base NOT at the Workspace level (Reasons - within the department could have multiple products not meant for other team members thus at the Workspace level gives too much control)
Groups - Product owners are Group Managers

My logic in what I’m thinking to do:

At the Base level manage access for creators only
Instead of inviting people directly to the base or interface per a permission level as we’ve been doing, have them do SSO to Airtable first, then add them to a Group.
Said Group would have specific access controls like Ready Only to the base or interface or both

Thus when I look at the list of collaborators for a base or interface I should see something like this

John Doe - Creator
HR Talent (Group) - Read Only
HR Comp (Group) - Read Only

I think this is cleaner than seeing a laundry list of collaborators.

What I want to avoid going forward is the notifications of people to “Grant Access” for bases or interfaces that’s been handed off to Product Owners. Have them self manage people that need to come and go.

One thing I’m concerned about is that if the user doesn’t already exist in Airtable they cant be added to the group. The log on and management will be a bit clunky unless I’m missing how this can work out.

Thoughts?

Page 1 / 1

Hey there @Michael-Zimmer , thanks for submitting such a great question! Because your question hasn't yet received an answer/solution from the Community, we've created s support case on your behalf with our Airtable Expert Team to get you the quickest, best response possible. Please check your email for follow-up and your case reference number—and continue to follow this thread as new community members tend to share answers and add knowledgeable responses regularly.

Great appreciate it!

Hi @hwmedhin, would you be able to direct the same team or information my way? I have a similar use case that I would like assistance with, and it would be most helpful to get some guidance on best practices for our org governance.

Great community question, @Michael-Zimmer! Thanks for submitting it!

Hey @klg_amcn , absolutely! I’ve created an additional support case on your behalf with our Airtable Expert Team. We also sent you an follow-up email that has your case reference number. 😉

Hi @hwmedhin , thank you! I will look out for the email.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded