Gives a user access to create and edit active scheduler blocks for other users.

• Recommendation: Give access to the event coordinator and/or manager of active scheduler users to allow for schedule adjustments in the case that someone is out of the office or cannot access Slate.

Add, Confirm, Assign Letters, and Release decisions individually from the application record. Also grants access to Decision Management if the user has read access for a query.

• Must have access to application lookup. Allows for individual decisioning or decisioning through the query tool.
• Recommendation: Try using rules as much as possible to add initial decisions and use the Release Decisions tool (and permission) to release decisions in bulk.

Allows for a user to see decisions and the decision section on an applicant’s record. If given query access, decisions can still be queried.

• If given query access, decisions can still be queried

Grants read access to view all data on an application tab within the student record.

• This permission allows a user to view the entire person record as well, even if there’s no application record. However, they would not have access to the person query base unless specifically given to them in the query permissions.

Grants read access to view all data on an application tab within the student record if the application is associated with an active application period.

• This permission allows a user to view the person record ONLY if there’s an application record from an active period.

Grants access to view an application's submitted review forms.

• This allows you to see the completed review forms on an applicant’s application record. However, if the review forms have been added to a reader tab group, then they can be viewed there if a user has reader access.

Grants write access to application data, including updating the application round, applicationscoped fields, submission status, activities, and checklist items.

• This is a powerful permission. It allows users to delete apps, clone apps, change rounds, etc. That being said, it also allows for checklists and materials to be added directly through an applicant’s record.
• If materials need to be added, a user can do so with the Person Update permission (see UN for cautions with person update permission) or through the Batch Acquire tool.
• If custom app fields need to be edited, they can be edited through forms and custom tabs.
• This gives you access to the “Edit Bin/Queue” functionality in Workflows

Grants access to view the Audit Log for a student record.

• A great tool that allows for users to see all activity history on a record. It’s not necessary for everyone to have access.

Grants access to upload documents and associate them with a record within Batch Acquire.

• This should be given to a select few people that will be processing documents. It takes training to ensure materials are being added appropriately.

Grants access to the Bin Management tool to batch assign reader bins and queues for applications included in a query. The user must also have read access to the query.

• Allows for a user to:
  • move an application to different bins
  • clear bins
  • assign users from the query tool
  • edit workflow tool in the reader.

• Recommend giving this to only a couple of individuals who are very detail oriented.
• Since duplicate applications cannot be merged through the Consolidate Records tool, this user should either also have Application Update permissions to allow for the deletion of the duplicate app, or there should be a process in place where an admin is notified of duplicate applications to be deleted.

Grants the ability to view and edit the SQL tab within the Form Builder; create and edit custom SQL queries; create and edit individual custom SQL exports and filters in the Query Builder tool.

Custom SQL is not necessary to use Slate. The use of custom SQL is discouraged. Slate has evolved to empower users with self-service tools that require zero knowledge of SQL. This permissions should only be given to advanced users who are comfortable with SQL.

Grants read access to dataset record data.

• Allows for searching records in different datasets. If certain datasets should not be searchable, it’s possible to add custom permissions to the dataset query base.

Grants write access to dataset record data.

• This permission should only be given to a select few people. Internal processes may be set in place to request that new records be added to a dataset.

Create Deliver messages and edit Deliver messages associated with the user account; Grants access to the Email Gateway Inbox to view emails sent by this user.

• Grants a user access to creating their own mailing. This does not allow the user to send mailings, or to view other  users' mailings. The user must have the Query permission to create a recipient list.
• Recommendation: Give this permission to any users who should be able to create bulk emails but not necessarily have access to other mailings nor have the ability to send them.

Create Deliver messages and edit any Deliver message, regardless of the user; Grants access to the SMS Inbox and the Email Gateway Inbox to view messages sent by any user.

• Grants a user access to view and edit all users' mailings.
• If a mailing is assigned to a Realm that a user does not have access to, the user will not have access to this mailing even with this permission.
• The user must have the Query or Query (edit all users) permission to create or edit recipient lists.
• Most users will not need this. Recommend keeping specific to marketing and communications teams and admins.
• Must also have Deliver permission.

Grants a user access to creating and editing existing Mailing Content Blocks.

• This is for creation and edit access specifically. Recommend keeping specific to marketing and communications teams and admins. All users would be able to utilize the content blocks created.

Grants a user access to place a Deliver message in the Outbox.

• Recommendation: Use this functionality or use the Ready for Review status.
• Users without Deliver Send permission can send emails to Outbox or Ready for Review to be reviewed by an advanced user. The user with Deliver Send can then send the email or return it to the original user for further edits.
• To be able to access emails in Outbox to review, a user must have this permission and Deliver (Edit All Users) permission.

Send or stop Deliver messages.

• Grants a user access to send mailings.
• This permission can be combined with Deliver or Deliver (edit all users) to send either just their own or other users' mailings.
• Recommendation: Give this to marketing, communications, and/or admin staff so emails can be filtered and reviewed before sending in bulk.

Create events, access and edit events associated with the user account. (Note: this only applies to user1, and not user2)

• Recommendation:  Give this permission to anyone who needs to access events and event lists.
• Grant specific access to Event Templates to allow users to create events from a preapproved template. Users will also be able to view all events tied to that template.
• If a user needs to be able to edit events from a certain template, this permission can be granted at the template level. They will not have access to create their own templates.

Create events, access and edit any event, regardless of the user.

• Grant to users who will be making templates and who may need to make adjustments/edits/new events for all other users.
• Must also have Events permission.

Create, access and edit Slate.org events.

• Recommendation: Use this permission the same way regular Slate Events are permissioned.

Grants access to the File Editor.

• This is a very powerful tool in Slate. The entire database's branding and the base of the Slate applications are managed here and can be easily edited. This access should be given to admins only.

Grants access to the Financial Aid checklist and the Financial Aid query folder.

• As there’s usually very secure information included in Financial Aid details, this should be granted only to those who will be managing Financial Aid packages and other higher level administrative staff

Create forms, access and edit forms associated with the user account.

• This would allow for users to create any type of form.
• Recommendation: As forms are one of the primary methods of getting records and data into Slate, conservatively grant this permission.
• If this permission is granted, it would be best practice to create foundational form templates for users to build off of to ensure all pertinent information is included on the form.

Create forms, access and edit forms, regardless of the user.

• This permission should be granted to any super users and
  admins.

Grants read access to the Giving tab. 

• Slate for Advancement only.

Grants write access to the Giving tab. 

• Slate for Advancement only.

Grants the ability to edit a gift without requiring a reversal. 

• Slate for Advancement only.

Grants the ability to create and update Opportunities. 

• Slate for Advancement only.

Grants access to import files using Upload Dataset.

• Recommendation: Grant this permission to data  processing and admins or highly trained departmental staff.
• Source Formats can be created to ensure that mappings are done correctly if more users are granted this access.

Grants access to Message Inbox.

• To be able to view messages in an Inbox group, a specific Inbox Role, which will be assigned to the Inbox group, must be created and granted to the user.
• This will also give access to Inbox Snippets. However, without Inbox Snippets Admin permission, a user can only access their personal snippets, snippets that are shared with them, and signature to edit.

Grants access to add and update Interactions on the Timeline tab of the person record.

• This permission must be given for users to read interactions on a person’s timeline.
• If there are certain interactions that a user should not have access to use, permissions can be added to specific interactions.

Create interview slots, access and edit interviews associated with the user account.

• Recommendation: Manage the same way as Events permissions are managed.

Create interview slots, access and edit any interview, regardless of the user.

• Recommendation: Manage the same way as Events permissions are managed.

Gives access to share custom views such as schools, jobs, and more

• Recommendation: Grant this permission to administrators only.

Grants access to the Payment History page.

• Allows users to see all Payment History recorded and transaction details in Slate.
• If a user has access to the Slate Template Library Query base, they can query on the Payment History regardless of having this permission.

Grants write access to Payment activities/interactions.

• Must have Application Update and/or Interaction permissions.

Grants write access to Payment refunds.

• Specific to Slate Payments only.

Grants access to impersonate an application record. Impersonation also requires the Application Update and Person Update permissions.

• A very helpful permission to have but it can be very easy to make edits in an applicant’s application without the ability to undo the edit. This should only be given to a select few users.

Grants read access to view a person record.

• Gives access to the student record but if Application Lookup permission is not granted, applications will not appear on a record.

Grants read access to view a student record that is configured as Active.

• It’s only possible to activate or inactivate a person record through rules so unless you’re using this practice, this permission isn’t very useful. Inactivating person records could be a useful practice, though, so it may be worth considering and then giving most users this permission instead of the main Person Lookup permission.

Grants read access to view a student record's optional test scores unmasked.

• If you’re using rules to set tests as Test Optional, this permission would be required to unmask and view masked tests on a person’s record. Test scores would still be visible in the reader if Test Scores were added to an application PDF or dashboard.

Grants write access to person data, including the ability to update biographical data, interactions, and person-scoped fields.

• Recommendation: This permission is very powerful. Carefully consider who is granted this permission.
• Allows access to edit standard person-scoped fields like school, tests (self-reported only), interests, etc. It also allows access to delete a record, merge accounts, edit Slate ID, and other secure and sensitive information.

Grants write access to create and edit verified test scores.

• Requires Person Update permission. Allows a user to add verified test scores directly onto the person record.

Grants access to the Portal Editor.

• This should be given to admin or users who have been trained and practiced in portals.

Grants access to Project.

• Allows a user to create projects and tasks. A user does not need this permission to have a task assigned to them.

Create queries and run or edit queries associated with the user account.

• Most users can have this tool but it’s best practice to create useful queries that can be shared with users to mitigate users pulling inaccurate data.
• Consider setting permissions to custom fields that may hold sensitive data, otherwise the data will be available through the query tool.

Grants access to utilizing Configurable Joins Query Bases to start a query. Access to starting a Query using Configurable Joins query bases can be granted in masse, or on a base-by-base basis. Bases to which a user has been granted access can also be used as the base of Independent Sub-Queries.

• Query permission must also be explicitly granted to allow a user to access the Query tool.
• Access can be given to individual query-bases. This may be recommended in order to prevent people from querying sensitive data (e.g. Payments base).
• Recommendation: Train heavily on Configurable Joins before allowing users to create their own CJ queries to ensure the most accurate data is being pulled and reported.

Query (Configurable Joins – Join Access)

Grants access to joining to the specified table within a Configurable Joins Query. Access to joining specific tables can be granted in masse, or on a table-by-table basis. Joins to which a user has been granted access can also be used as the base of Independent Sub-Queries.

• Query (Configurable Joins - Base Access) permission(s) must be granted to start a query using a Configurable Joins Query Base.
• Access can be given to individual joins.
• If a user is given access to all joins, they will have access to all bases even if they do not have permission to all Configurable Joins – Bases. If a user is meant to have access to only certain bases, the Joins permissions should match.

Create queries and run or edit any query, regardless of the user.

• Recommendation: Grant this permission to admin and power users.

Grants access to Export and Filter resources in the Slate Template Library while using the Query Builder.

• This provides access to the library bases. These bases may include sensitive information.
• Recommendation: Do not grant this permission without
  clear processes and protocol in place.

Grants access to queries in the System folder.

• Recommendation: Grant this permission to only admins and super users. The System folder often holds queries that are used across the entire database, such a Merge Public query, Person Custom Dashboards, etc.

Grants access to the Reader.

• All applicant reviewers should have access to the reader.
• Granular permissions can be added through bin configurations and population permissions.

Grants access to Classify within the Reader.

• Requires Reader permission.
• Allows a user to move applications to a bin in a
  “holding pattern”. This is not a commonly used feature and would recommend not giving access to this permission.

Grants access to access a recommendation form from the student’s record.

• Recommendation: Give access to the same users with Person Impersonate

Grants access to view relationship data on a person record.

• Unless there’s a university policy in place, there’s no real harm in giving this permission to users to allow a view of a student’s relationships.

Grants write access to create and edit relationship data on a person record.

• Grant this permission similarly to Person and/or Application update.

Grants access to the Release Decisions module - including the ability to confirm decisions, assign letters, and release decisions in batch.

• The release decision tool can be accessed without the Application Decide permission. This is recommended for Decision Processors.
• Recommendation: Grant a couple of users who are well-trained and detail oriented.

Grants access to the retention policy editor.

• This is a very powerful tool that should only be granted to admins.

Grants access to edit all policies within the retention policy editor.

• This will grant access to edit other users’ retention policies.

Grants access to execute all policies within the retention policy editor.

• This will grant access to execute (thus run and delete rows) any users’ retention policies.

Grants access to the Rules Editor.

• Recommendation: Grant this permission to only admin
  and super user.

View the Technolutions Knowledge Base, and Community Forums.

• Recommendation: Grant this permission to all
  users.
• 99.9% of the Knowledge base is publicly accessible.

View service desk requests associated with your institution.

• Grants users access to view the service desk requests that have already been submitted.

Grants access to the Slate Voice Switchboard.

• Switchboard provides a live overview of all active calls taking place and a list of recent calls. It also lets a user provide audio feedback to the Slate user on the call or take control of the call outright. This permission should be granted to directors or managers who are overseeing calling campaigns.

Grants access to the Workflow Editor which is the new all-in-one Reader Build tool.

• This should be given to
  admin or super users only.