Roles and permissions
Quickbase has very strong user and access management capabilities both at the platform level as well as at the app level. We enabled our admins to manage all users and all aspects of the platform from a single location, called the Admin Console. We also support group management at the platform level, allowing customers to group users by role and department. Using groups allows administrators to control access to data for collections of users by specific requirements. Both groups and users can be fully integrated with common IDM solutions such as AD and Okta (through SAML and SCIM protocols).
Administrators can use group-based access control at the platform level to simplify administration of different roles and permissions. Developers can serve in different roles by being given permission by a platform admin or application manager. The same Quickbase user can have different roles in different applications and setting. For example, developers can be, and often are, platform admins, application admins for some set of apps, builders in another set of apps, workflow creators in some and basic end users in others.
Quickbase also has a very strong capabilities for role-based access controls and fine-grained permissions at the application level. This gives administrators full control over who creates solutions and the data users have access to. RBAC can be applied broadly and down to specific data components, with specific in-app roles. Application managers control who sees what information in each application. Admins have the choice whether to user predefined roles, or create their own custom roles, to tailor permissions. These control the user interface by role, down to the field level.
Global permissions and settings are established at the realm level with other administration settings managed at the account, app and workflow levels. Super user permissions - giving those with this role full app manager control in every app in the account - help IT enforce permission, security and access policies.
For a better understanding of how granular the roles and permissions of Quickbase can be, see list below:
- Control who can create & manage new apps
- Control within apps who has building permission
- Provide deep RBAC within apps to control who can access what data
- Control for who can build workflow and who can use which integration channels
- Control API access to apps via user tokens to control extension points for custom code
- Control which apps must use Sandbox, who can make changes in Sandbox and who can publish changes
- Control who has what type of platform admin privileges
Quickbase’s advanced access management capabilities align
with corporate IT policies to ensure that the right people are
accessing your applications and your data is secure.
SSO and IdM integration
Quickbase supports Single Sign On and user provisioning and de-provisioning via SAML 2.0 to support enterprise access management and ensure platform security. With SAML and Quickbase, users can enter their user name and password once to access and connect to multiple applications and systems. With SSO, signing into Quickbase is handled through the corporate sign-in process. Realm administrators are able to enable user authentication to the Quickbase realm using SAML. This helps automate application access restrictions, but for more granular permissions admins are still able to use Quickbase access control features to set roles and permissions for the platform and in individual applications.
Additionally, Quickbase supports the standard SCIM specification,
which allows users to configure and automate user provisioning via IdM
solutions. Quickbase specifically offers support for Okta and OneLogin,
and has SCIM-compliant API endpoints for other IdM integrations.