A permission group is a group of users who share the same set of permissions. You can see a list of your permission groups by going to Users > Permission Groups.
Clicking on a permission group shows you its properties, which are categorized into sections on page:
Linked Authentication Groups — If you are using an LDAP authentication provider, these authentication group’s users are automatically added to the permission group.
Users — This section shows the users who have been added to the permission group.
Access Permissions — A list of the permissions assigned to the permission group appears in this section.
Assign Group Access to Specific Flows — If this permission group has been assigned access to particular live flows, they are listed in this section. Users in this permission group, along with any other groups that have been assigned access to these flows, can access these flows and their submissions, documents, releases, layouts, and models.
To learn more about changing these properties, see Managing Permission Groups.
Default permission groups
Hyperscience comes with six built-in permission groups. You cannot delete these groups or change their permissions.
If these permission groups don't meet your needs, you can create custom permission groups for your users. To learn more, see Managing Permission Groups
System Admin
The default active permission group, System Admins effectively have full access to the instance and production data. They are uniquely able to change advanced system settings, manage field data types and the field dictionary, review the jobs queue and restart halted jobs, modify user access and permissions, and more. System Admins are typically engineers and the most senior business users. There must be at least one System Admin user upon installation.
Business Admin
Business Admins are primarily responsible for the management of layouts. By default, they have most permissions, except some reserved for System Admins. They are able to see all system reporting and make and delete submissions.
Data Keyer Admin
Data Keyer Admins are able to see and manage the work queue, as well as view reporting related to all individual keyers. They are also able to complete Supervision and Quality Assurance Tasks.
Data Keyer
Data Keyers by default have very limited permissions. They can see and complete Supervision tasks, and they can view the outstanding queue.
Knowledge Worker
Knowledge Workers have the same default permissions as Data Keyers, except that they can also view submissions. This added permission allows Knowledge Workers to complete all tasks associated with a submission.
API User
By default, API Users only have the permission that allows them to send API requests. To learn more about our APIs, see our API documentation.
Trainer API User
Trainer API Users have permission that allows them to send API requests to trainer-specific endpoints.
By default, the system includes all users who have API access in this permission group. We recommend editing this group so that it contains only the user you have created for the trainer.
Default permissions
The table below lists the default permissions for each permission group. You can customize the permissions for each group to meet your organization's needs.
Administration
Permission | Description | Sys Admin | Business Admin | Data Keyer Admin | Data Keyer Staff | Knowledge Worker | API User | Trainer API User |
|---|---|---|---|---|---|---|---|---|
Access Advanced Administration and Debug Tools | Allows a user read-only access to /admin. Used for reviewing additional debugging information about the system's underlying processing. | Yes | Yes | No | No | No | No | No |
Edit Settings | Allows user to edit all of the system settings. | Yes | Yes | No | No | No | No | No |
Export Settings | Allows user to export system settings. | Yes | No | No | No | No | No | No |
Fail Halted Jobs | Allows user to fail halted jobs via the Jobs table. Should be reserved for System Admins only. | Yes | No | No | No | No | No | No |
Import Settings | Allows user to import system settings. | Yes | No | No | No | No | No | No |
Retry Halted Jobs | Allows user to trigger a retry of halted jobs via the Jobs table or failed flows in the Flows Execution table. If the user does not have the View Jobs permission, this permission only applies to the Flow Execution table (Flows > Flow Executions). | Yes | Yes | No | No | No | No | No |
View Jobs | Allows user to see the Jobs page. | Yes | No | No | No | No | No | No |
Manage Trainer Jobs | Gives user access to all actions related to Semi-structured and Classification models: 1) View Models Library and models, 2) Run a training job, 3) Download, upload, and deploy a model, 4) View Trainer page, 5) Cancel trainer tasks. To access the Library section of the application, a user must have either the View Layouts or Manage Trainer Jobs permission. | Yes | No | No | No | No | No | No |
View System Health and Settings | Allows user to view the System Health (Administration > System Health) and Settings (Administration > Settings) pages. | Yes | No | No | No | No | No | No |
Flows
Permission | Description | Sys Admin | Business Admin | Data Keyer Admin | Data Keyer Staff | Knowledge Worker | API User | Trainer API User |
|---|---|---|---|---|---|---|---|---|
Edit Connections | Allows user to upload connectors and set up and edit connections to input and output endpoints, such as a folder, an email, or a message queue, through which documents come into the system and extracted data is output. | Yes | No | No | No | No | No | No |
Edit Flows | Allows user to edit flows. | Yes | Yes | No | No | No | No | No |
Edit Secrets | Allows user to enter and update client secrets (e.g., passwords) in Input Blocks and Output Blocks. | Yes | No | No | No | No | No | No |
Import Flows | Allows user to import flows to the application. | Yes | No | No | No | No | No | No |
Run Flows | Allows user to send requests to the Flow Actions API endpoints. | Yes | Yes | No | No | No | No | No |
View Flow Executions | Allows user to see the Flow Runs page (Flows > Flow Runs). | Yes | Yes | No | No | No | No | No |
View Flows | Allows user to view flows. | Yes | Yes | No | No | No | No | No |
Library
Permission | Description | Sys Admin | Business Admin | Data Keyer Admin | Data Keyer Staff | Knowledge Worker | API User | Trainer API User |
|---|---|---|---|---|---|---|---|---|
Edit Contents Of Data Types | Allows user to edit the lists of values in the definitions of field data types. | Yes | No | No | No | No | No | No |
Edit Data Types | Allows user to edit system data types. | Yes | No | No | No | No | No | No |
Edit Field Dictionary | Allows user to edit fields in the field dictionary. | Yes | No | No | No | No | No | No |
Edit Releases | Allows user to create and edit layout releases. | Yes | Yes | No | No | No | No | No |
Edit Layouts | Allows user to make changes to drafts of layouts. | Yes | Yes | No | No | No | No | No |
Edit Training Data | Allows user to edit data in the Training Documents card of the Model Details page. | Yes | Yes | No | No | No | No | No |
View Data Types | Gives user read-only access to the Data Types Library and allows them to view data types. | Yes | Yes | No | No | No | No | No |
View Field Dictionary | Gives user read-only access to the Field Dictionary tab in the Library. | Yes | Yes | No | No | No | No | No |
View Layout Variation Performance | Allows user to view the Layout Variation Performance section of Reporting. | Yes | Yes | No | No | No | No | No |
View Releases | Gives user read-only access to the Releases Library and allows them to view releases. | Yes | Yes | Yes | No | No | No | No |
View Layouts | Gives user read-only access to the Layouts Library and allows them to download layouts. To access the Library section of the application, a user must have either the View Layouts or Manage Trainer Jobs permission. | Yes | Yes | Yes | No | No | No | No |
View Training Data | Allows user to view data in the Training Documents card of the Model Details page. | Yes | Yes | No | No | No | No | No |
Reporting
Permission | Description | Sys Admin | Business Admin | Data Keyer Admin | Data Keyer Staff | Knowledge Worker | API User | Trainer API User |
|---|---|---|---|---|---|---|---|---|
View Usage Reports | Allows user to view the Usage section of Reporting. | Yes | Yes | No | No | No | No | No |
View Processing Time Reports | Allows user to view Processing Time reports. | Yes | Yes | Yes | No | No | No | No |
View User Performance Reports | Allows user to view the User Performance tab, specifically the Supervision Volume, Performance Distribution, and All Users Performance Summary charts. | Yes | Yes | Yes | No | No | No | No |
View Overview and Accuracy Reports | Allows user to view throughput and data quality reports, specifically the Automation, Field Output Accuracy, System Throughput, Automation with Accuracy Training, Manual vs. Machine Accuracy, and System Transcription Sampled Errors. | Yes | Yes | No | No | No | No | No |
Submissions
Permission | Description | Sys Admin | Business Admin | Data Keyer Admin | Data Keyer Staff | Knowledge Worker | API User | Trainer API User |
|---|---|---|---|---|---|---|---|---|
Delete Cases | Allows user to delete cases via the Cases table. | Yes | Yes | No | No | No | No | No |
Delete Submissions | Allows user to delete submissions via the Submission table. | Yes | Yes | No | No | No | No | No |
Download Potential Layout Variation Results | Allows a user to download a ZIP file with the results of a Potential Layout Variation job. | Yes | No | No | No | No | No | No |
Upload Submissions | Allows user to upload submissions via the UI. Not recommended for use in production environments. | Yes | Yes | No | No | Yes | No | No |
Run Potential Layout Variation Jobs | Allows user to create and run a Potential Layout Variation job. | Yes | No | No | No | No | No | No |
View Cases | Allows user to view the Cases page. | Yes | Yes | No | No | Yes | No | No |
View Potential Layout Variation Jobs | Allows user to view the Potential Layout Variation jobs table. | Yes | Yes | No | No | No | No | No |
View No Layout Found | Allows user to view "No Layout Found" submissions. | Yes | Yes | No | No | No | No | No |
View Submissions | Allows user to view the Submissions table and Document output pages. | Yes | Yes | No | No | Yes | No | No |
Tasks
Permission | Description | Sys Admin | Business Admin | Data Keyer Admin | Data Keyer Staff | Knowledge Worker | API User | Trainer API User |
|---|---|---|---|---|---|---|---|---|
Adjust Task Queue Processing Deadlines | Allows user to escalate/deprioritize tasks in the Task Queue. | Yes | Yes | Yes | No | No | No | No |
Clear QA Tasks | Allows user to clear Quality Assurance tasks. | Yes | Yes | Yes | No | No | No | No |
Complete Classification Model Validation | Allows user to view and complete Classification Model Validation tasks. | Yes | Yes | Yes | Yes | Yes | No | No |
Complete Classification QA | Allows user to complete Document Classification QA tasks from the Perform Tasks tab (Tasks > Perform Tasks). | Yes | Yes | Yes | Yes | Yes | No | No |
Complete Classification Supervision | Allows user to complete Document Classification Supervision tasks. | Yes | Yes | Yes | Yes | Yes | No | No |
Complete Custom Supervision | Allows user to complete Custom Supervision tasks. | Yes | Yes | Yes | No | Yes | No | No |
Complete Flexible Extraction Supervision | Allows user to complete Flexible Extraction tasks. | Yes | Yes | Yes | Yes | Yes | No | No |
Complete Identification Model Validation | Allows user to complete Model Validation tasks for Field and Table Locator models. | Yes | Yes | Yes | Yes | Yes | No | No |
Complete Identification QA | Allows user to complete Identification QA tasks from the Perform Tasks tab (Tasks > Perform Tasks). | Yes | Yes | Yes | Yes | Yes | No | No |
Complete Identification Supervision | Allows user to complete Field ID Supervision and Table ID Supervision tasks. | Yes | Yes | Yes | Yes | Yes | No | No |
Complete Transcription QA | Allows users to complete Transcription QA tasks from the Perform Tasks tab (Tasks > Perform Tasks). | Yes | Yes | Yes | Yes | Yes | No | No |
Complete Transcription Supervision | Allows user to complete Transcription Supervision tasks. Does not include Flexible Extraction. | Yes | Yes | Yes | Yes | Yes | No | No |
View Supervision and QA Cards | Allows user to view the Perform Tasks tab (Tasks > Perform Tasks). If a user doesn’t have this permission, they can access the page, but the content will be hidden. | Yes | Yes | Yes | Yes | Yes | No | No |
View Task Overview | Allows user to view the Overview tab (Tasks > Overview). If a user doesn’t have this permission, the Overview tab is hidden. | Yes | Yes | Yes | Yes | Yes | No | No |
View Task Queue | Allows user to view the Task Queue (Tasks > Task Queue). If a user doesn’t have this permission, the Task Queue tab will be hidden. | Yes | Yes | Yes | Yes | Yes | No | No |
Users
Permission | Description | Sys Admin | Business Admin | Data Keyer Admin | Data Keyer Staff | Knowledge Worker | API User | Trainer API User |
|---|---|---|---|---|---|---|---|---|
API Access | Allows user to make API calls with their auth token. | Yes | Yes | No | No | No | Yes | No |
Edit API Accounts | Allows user to create and edit API Accounts (SaaS instances only). | Yes | No | No | No | No | No | No |
Edit Layout Task Restrictions | Allows user to edit document restrictions. | Yes | Yes | No | No | No | No | No |
Edit Permission Groups | Allows user to edit permission and authentication groups. | Yes | No | No | No | No | No | No |
Edit Users | Allows user to force log out any user. Only recommended for System Admins. | Yes | No | No | No | No | No | No |
Trainer API Access | Allows user to send API requests to trainer-specific endpoints. | Yes | Yes | No | No | No | No | Yes |
View API Accounts | Gives user read-only access to the API Accounts page (SaaS instances only). | Yes | No | No | No | No | No | No |
View Layout Task Restrictions | Allows user to view document restrictions. | Yes | Yes | Yes | No | No | No | No |
View User API Tokens | Allows user to view API authentication tokens for any user. | Yes | No | No | No | No | No | No |
View Users and Permission Groups | This is the single-view permission for all user and group settings. | Yes | Yes | No | No | No | No | No |