Object-Level Permissions

An organization administrator can use object-level permissions to add or remove individual objects from the user group domain.

By default, the user group defines the objects that a user can access. User group permissions are configured by object type. Object-level permissions add additional or custom security for specific objects.

For example, you have a Developer user group that allows all users in the group to configure, delete, and run all tasks. You also have a Scheduling user group that allows its users to configure schedules and task flows, but not tasks. When a task no longer requires the Developer user group to edit it, you can edit task permissions to secure the task and move it into production. Configure the task permissions to remove all permissions for the Developer group. At the same time, you can grant the Scheduling group view and run permissions.