How to Manage User Role Access

Goal

Use this guide to control which user roles can access specific protected pages in your app. For example, you might create an Admin Panel that only Administrators can access, or separate dashboards for Managers and Employees—each with different levels of access based on their role.

Prerequisites

• You have a protected page already created (see "How to Create a Login-Protected Page")
• You have at least one user role table set up in your app
• For conceptual background on user roles and permissions, see "User Management Fundamentals"

Step-by-Step Instructions

Setting Access to All Logged-In Users

1. Navigate to the Pages section in the Builder.
2. Click on the protected page you want to configure.
3. Click the Access tab in the page settings panel.
4. Locate the "Which logged-in users can access this page?" section.
5. Select All logged-in users (this is the default setting).
6. Click Save to apply the changes.

When to use this: Choose this option when all authenticated users should have access to the same content, regardless of their assigned role.

Restricting Access to Specific User Roles

1. Navigate to the Pages section in the Builder.
2. Click on the protected page you want to configure.
3. Click the Access tab in the page settings panel.
4. Locate the "Which logged-in users can access this page?" section.
5. Select Specific user roles only.
6. Check the box next to each role that should have access to this page. You can select one role or multiple roles.
7. Click Save to apply the changes.

When to use this: Choose this option when different types of users need different levels of access—such as separating what Administrators, Managers, and Employees can see.

Using Page Rules for Element-Level Control

When multiple user roles can access the same page, you can use page rules to show or hide specific elements based on the user's role.

1. Navigate to the page that multiple roles can access.
2. Click on the element you want to control (e.g., a form, table, or button).
3. In the element settings, click the Rules tab.
4. Click Add Rule to create a new page rule.
5. Configure the rule:
   • WHEN: Set the condition to check the logged-in user's role (e.g., "Logged-in user's role is Admin")
   • THEN: Choose Show this element or Hide this element
6. Click Save to apply the rule.
7. Repeat for other elements that should have role-based visibility.

Example: On a company event calendar accessible to all roles, you could add a page rule to show the "Add New Event" form only when the logged-in user is assigned the HR role.

Important: Page rules control visibility but should not be relied upon for security. Always use page-level protection to secure sensitive content.

Verifying User Access

To test that role-based access is working correctly:

1. Click Preview to open your Live App.
2. Log in with a user account that has the required role.
3. Verify that the protected page is accessible and displays correctly.
4. Log out and log in with a user account that does NOT have the required role.
5. Verify that the page is not accessible or not visible in the navigation menu.
6. If access is not working as expected, return to the Access tab and verify the role selections.

Result

Your protected page now restricts access based on user roles. Only users assigned to the selected roles can view the page after logging in. Users without the required roles will not see the page in the navigation menu and will be prevented from accessing it directly.