A breakdown of Application User roles and their capabilities in Rayven applications.
Overview
Rayven provides fine-grained control over what Application Users can do within an application through the use of defined roles. Each Application User is assigned a role that determines their permissions—ranging from full administrative control to limited view-only access.
This matrix applies to Application Users only (those who interact with the application interfaces at app.rayven.io). In addition to standard interface access, users with higher permission levels—like Admin or Super Admin—can also access key Workspace functions such as UID management, user management, and interface setup, directly from the App Interface. This allows authorised users to perform admin tasks without needing Workspace access.
Application User Roles
Application Users can be assigned one of the following roles:
-
Super Admin
-
Admin
-
Customer Admin
-
Editor
-
Basic Viewer
-
Public Viewer
Each role defines which actions a user can perform when interacting with the application’s interfaces, data, and configuration options.
Permissions Matrix
The table below summarises the permissions associated with each Application User role:
| Capability | Public Viewer | Basic Viewer | Editor | Customer Admin | Admin | Super Admin |
|---|---|---|---|---|---|---|
| Access App Interfaces | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Share Interfaces | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Export CSV | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Analytics Interfaces / Chart Ranges | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Add/Edit Rows (Secondary Tables) | ❌ | ❌ | ✅ | ✅ | ✅ | ✅ |
| Move Widgets | ❌ | ❌ | ✅ (if enabled) | ✅ (if enabled) | ✅ (if enabled) | ✅ |
| Edit Widgets (three dots) | ❌ | ❌ | ✅ (if enabled) | ✅ (if enabled) | ✅ (if enabled) | ✅ |
| Configure Reports | ❌ | ❌ | ❌ | ✅ | ✅ | ✅ |
| Manage Users (This User Group) | ❌ | ❌ | ❌ | 🔍 View only | ✅ | ✅ |
| UID Management (Current User Group) | ❌ | ❌ | ❌ | ❌ | ✅ (Labels only) | ✅ (Full UID access) |
| View Email & SMS Log | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ |
| Use Node Export | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ |
| Manage Users (All User Groups) | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ |
| Manage Application Interfaces | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ |
Accessing Admin Functions via the App Interface
The permissions listed in the matrix below—such as UID Management, User Management, and Interface Management—can be made accessible directly within the App Interface. When a user has the required role and permission, the corresponding Workspace views can be exposed as part of the application experience.
-
A user with UID Management permission can access the Workspace Primary Tables interface to add or remove records from the Primary Table. This view is embedded directly within the App Interface.
-
A user with User Management permission can access the Workspace Users view for their assigned User Group (or all groups if Super Admin) to manage users. This includes viewing, adding, and removing Application Users.
-
A user with Interface Management permission (Super Admin only) can access the Workspace Interfaces view to create new interfaces and control which widgets are included.
These functions will only be accessible if the user's role includes the corresponding permission as defined in the matrix. App builders must assign the relevant interface and configure access through User Group settings.
How to Assign Permission Levels
When adding or editing an Application User in the Workspace, you assign them a permission level. The permission level determines what they can do within the App Interface, as outlined in the matrix above.
In addition to selecting a permission level (e.g. Editor, Admin, Super Admin), you can also enable two optional settings:
-
Edit Interfaces – Allows the user to move and resize widgets within an interface.
-
Edit Widgets – Allows the user to access widget settings via the three-dot menu on each widget.
These checkboxes appear when creating or editing a user and are only relevant to permission levels that support layout or widget editing.
Summary
Application User permissions in Rayven define not just what users can view or interact with—but also which administrative functions they can perform. By assigning an appropriate permission level and configuring access via User Groups, you can enable selected users to manage data, users, and interfaces directly from the App Interface.
This approach allows you to give end-users powerful tools without exposing the full Workspace, making it easier to delegate admin tasks securely within your application.
FAQs
Can Application Users access admin functionality from the App Interface?
Yes. If an Application User has the required permission level (e.g. Admin or Super Admin), they can access selected Workspace views—such as managing UIDs (Primary Tables), users, or interfaces—directly from within the App Interface. These capabilities must be deliberately exposed through assigned interfaces and user group settings.
What’s the difference between a permission level and a user group?
The permission level determines what actions a user is allowed to perform (as shown in the matrix). The user group defines which interfaces and filtered data the user can access. Both must be configured for a user to access admin functions.
Can a user belong to multiple User Groups?
Yes. Application Users can belong to multiple groups within the same application. If their permission level is Editor or higher, they can switch between groups using the dropdown in the App Interface.
Who can move or resize widgets on an interface?
Only users with the Edit Interfaces option enabled and a permission level of Editor or higher (including Admin and Super Admin) can adjust widget layout.
Who can configure widget settings using the three-dot menu?
Only users with the Edit Widgets option enabled and a permission level of Editor or higher can access widget configuration.
How is UID management handled from the App Interface?
Users with UID Management permission will be able to access the Workspace Primary Tables interface directly in the App Interface to add or remove records.
Can users change their own permissions?
Only Admins or Super Admins (depending on scope) can modify another user’s permission level or access.
Can I hide admin functions for lower-level users?
Yes. Access to admin interfaces is controlled through user group assignments. Only users in groups that are explicitly given access to those interfaces will see them.