Permission Groups

A permission group is a group of users who share the same set of permissions. You can see a list of your permission groups by going to Users > Permission Groups

Clicking on a permission group shows you its properties, which are categorized into sections on page:

  • Linked Authentication Groups —  If you are using an LDAP authentication provider, these authentication group’s users are automatically added to the permission group.

  • Users — This section shows the users who have been added to the permission group.

  • Access Permissions —  A list of the permissions assigned to the permission group appears in this section.

  • Assign Group Access to Specific Flows — If this permission group has been assigned access to particular live flows, they are listed in this section. Users in this permission group, along with any other groups that have been assigned access to these flows, can access these flows and their submissions, documents, releases, layouts, and models.

To learn more about changing these properties, see Managing Permission Groups.

Default permission groups

Hyperscience comes with six built-in permission groups. You cannot delete these groups or change their permissions.

If these permission groups don't meet your needs, you can create custom permission groups for your users. To learn more, see Managing Permission Groups

System Admin

The default active permission group, System Admins effectively have full access to the instance and production data. They are uniquely able to change advanced system settings, manage field data types and the field dictionary, review the jobs queue and restart halted jobs, modify user access and permissions, and more. System Admins are typically engineers and the most senior business users. There must be at least one System Admin user upon installation.

Business Admin

Business Admins are primarily responsible for the management of layouts. By default, they have most permissions, except some reserved for System Admins. They are able to see all system reporting and make and delete submissions.

Data Keyer Admin

Data Keyer Admins are able to see and manage the work queue, as well as view reporting related to all individual keyers. They are also able to complete Supervision and Quality Assurance Tasks.

Data Keyer

Data Keyers by default have very limited permissions. They can see and complete Supervision tasks, and they can view the outstanding queue.

Knowledge Worker

Knowledge Workers have the same default permissions as Data Keyers, except that they can also view submissions. This added permission allows Knowledge Workers to complete all tasks associated with a submission.

API User

By default, API Users only have the permission that allows them to send API requests. To learn more about our APIs, see our API documentation.

Trainer API User

Trainer API Users have permission that allows them to send API requests to trainer-specific endpoints. 

By default, the system includes all users who have API access in this permission group. We recommend editing this group so that it contains only the user you have created for the trainer.

Default permissions

The table below lists the default permissions for each permission group. You can customize the permissions for each group to meet your organization's needs. 

Administration

Permission

Description

Sys Admin

Business Admin

Data Keyer Admin

Data Keyer Staff

Knowledge Worker

API User

Trainer API User

Access Advanced Administration and Debug Tools

Allows a user read-only access to /admin. Used for reviewing additional debugging information about the system's underlying processing.

Yes

Yes

No

No

No

No

No

Edit Settings

Allows user to edit all of the system settings.

Yes

Yes

No

No

No

No

No

Export Settings

Allows user to export system settings.

Yes

No

No

No

No

No

No

Fail Halted Jobs

Allows user to fail halted jobs via the Jobs table. Should be reserved for System Admins only.

Yes

No

No

No

No

No

No

Import Settings

Allows user to import system settings.

Yes

No

No

No

No

No

No

Retry Halted Jobs

Allows user to trigger a retry of halted jobs via the Jobs table or failed flows in the Flows Execution table.

If the user does not have the View Jobs permission, this permission only applies to the Flow Execution table (Flows > Flow Executions).

Yes

Yes

No

No

No

No

No

View Jobs

Allows user to see the Jobs page.

Yes

No

No

No

No

No

No

Manage Trainer Jobs

Gives user access to all actions related to Semi-structured and Classification models: 1) View Models Library and models, 2) Run a training job, 3) Download, upload, and deploy a model, 4) View Trainer page, 5) Cancel trainer tasks.

To access the Library section of the application, a user must have either the View Layouts or Manage Trainer Jobs permission.

Yes

No

No

No

No

No

No

View System Health and Settings

Allows user to view the System Health (Administration > System Health) and Settings (Administration > Settings) pages.

Yes

No

No

No

No

No

No

Flows

Permission

Description

Sys Admin

Business Admin

Data Keyer Admin

Data Keyer Staff

Knowledge Worker

API User

Trainer API User

Edit Connections

Allows user to upload connectors and set up and edit connections to input and output endpoints, such as a folder, an email, or a message queue, through which documents come into the system and extracted data is output.

Yes 

No

No

No

No

No

No

Edit Flows

Allows user to edit flows.

Yes

Yes

No

No

No

No

No

Edit Secrets

Allows user to enter and update client secrets (e.g., passwords) in Input Blocks and Output Blocks.

Yes

No

No

No

No

No

No

Import Flows

Allows user to import flows to the application.

Yes

No

No

No

No

No

No

Run Flows

Allows user to send requests to the Flow Actions API endpoints.

Yes

Yes

No

No

No

No

No

View Flow Executions

Allows user to see the Flow Runs page (Flows > Flow Runs).

Yes

Yes

No

No

No

No

No

View Flows

Allows user to view flows.

Yes

Yes

No

No

No

No

No

Library

Permission

Description

Sys Admin

Business Admin

Data Keyer Admin

Data Keyer Staff

Knowledge Worker

API User

Trainer API User

Edit Contents Of Data Types

Allows user to edit the lists of values in the definitions of field data types.

Yes

No

No

No

No

No

No

Edit Data Types

Allows user to edit system data types.

Yes

No

No

No

No

No

No

Edit Field Dictionary

Allows user to edit fields in the field dictionary.

Yes

No

No

No

No

No

No

Edit Releases

Allows user to create and edit layout releases.

Yes

Yes

No

No

No

No

No

Edit Layouts

Allows user to make changes to drafts of layouts.

Yes

Yes

No

No

No

No

No

Edit Training Data

Allows user to edit data in the Training Documents card of the Model Details page.

Yes

Yes

No

No

No

No

No

View Data Types

Gives user read-only access to the Data Types Library and allows them to view data types.

Yes

Yes

No

No

No

No

No

View Field Dictionary

Gives user read-only access to the Field Dictionary tab in the Library.

Yes

Yes

No

No

No

No

No

View Layout Variation Performance

Allows user to view the Layout Variation Performance section of Reporting.

Yes

Yes

No

No

No

No

No

View Releases

Gives user read-only access to the Releases Library and allows them to view releases.

Yes

Yes

Yes

No

No

No

No

View Layouts

Gives user read-only access to the Layouts Library and allows them to download layouts.

To access the Library section of the application, a user must have either the View Layouts or Manage Trainer Jobs permission.

Yes

Yes

Yes

No

No

No

No

View Training Data

Allows user to view data in the Training Documents card of the Model Details page.

Yes

Yes

No

No

No

No

No

Reporting

Permission

Description

Sys Admin

Business Admin

Data Keyer Admin

Data Keyer Staff

Knowledge Worker

API User

Trainer API User

View Usage Reports

Allows user to view the Usage section of Reporting.

Yes

Yes

No

No

No

No

No

View Processing Time Reports

Allows user to view Processing Time reports.

Yes

Yes

Yes

No

No

No

No

View User Performance Reports

Allows user to view the User Performance tab, specifically the Supervision Volume, Performance Distribution, and All Users Performance Summary charts.

Yes

Yes

Yes

No

No

No

No

View Overview and Accuracy Reports

Allows user to view throughput and data quality reports, specifically the Automation, Field Output Accuracy, System Throughput, Automation with Accuracy Training, Manual vs. Machine Accuracy, and System Transcription Sampled Errors.

Yes 

Yes

No

No

No

No

No

Submissions

Permission

Description

Sys Admin

Business Admin

Data Keyer Admin

Data Keyer Staff

Knowledge Worker

API User

Trainer API User

Delete Cases

Allows user to delete cases via the Cases table.

Yes

Yes

No

No

No

No

No

Delete Submissions

Allows user to delete submissions via the Submission table.

Yes

Yes

No

No

No

No

No

Download Potential Layout Variation Results

Allows a user to download a ZIP file with the results of a Potential Layout Variation job.

Yes

No

No

No

No

No

No

Upload Submissions

Allows user to upload submissions via the UI. Not recommended for use in production environments.

Yes

Yes

No

No

Yes

No

No

Run Potential Layout Variation Jobs

Allows user to create and run a Potential Layout Variation job.

Yes

No

No

No

No

No

No

View Cases

Allows user to view the Cases page.

Yes

Yes

No

No

Yes

No

No

View Potential Layout Variation Jobs

Allows user to view the Potential Layout Variation jobs table.

Yes

Yes

No

No

No

No

No

View No Layout Found

Allows user to view "No Layout Found" submissions.

Yes

Yes

No

No

No

No

No

View Submissions

Allows user to view the Submissions table and Document output pages.

Yes

Yes

No

No

Yes

No

No

Tasks

Permission

Description

Sys Admin

Business Admin

Data Keyer Admin

Data Keyer Staff

Knowledge Worker

API User

Trainer API User

Adjust Task Queue Processing Deadlines

Allows user to escalate/deprioritize tasks in the Task Queue.

Yes

Yes

Yes

No

No

No

No

Clear QA Tasks

Allows user to clear Quality Assurance tasks.

Yes

Yes

Yes

No

No

No

No

Complete Classification Model Validation

Allows user to view and complete Classification Model Validation tasks.

Yes

Yes

Yes

Yes

Yes

No

No

Complete Classification QA

Allows user to complete Document Classification QA tasks from the Perform Tasks tab (Tasks > Perform Tasks).

Yes

Yes

Yes

Yes

Yes

No

No

Complete Classification Supervision

Allows user to complete Document Classification Supervision tasks.

Yes

Yes

Yes

Yes

Yes

No

No

Complete Custom Supervision

Allows user to complete Custom Supervision tasks.

Yes

Yes

Yes

No

Yes

No

No

Complete Flexible Extraction Supervision

Allows user to complete Flexible Extraction tasks.

Yes

Yes

Yes

Yes

Yes

No

No

Complete Identification Model Validation

Allows user to complete Model Validation tasks for Field and Table Locator models.

Yes

Yes

Yes

Yes

Yes

No

No

Complete Identification QA

Allows user to complete Identification QA tasks from the Perform Tasks tab (Tasks > Perform Tasks).

Yes

Yes

Yes

Yes

Yes

No

No

Complete Identification Supervision

Allows user to complete Field ID Supervision and Table ID Supervision tasks.

Yes

Yes

Yes

Yes

Yes

No

No

Complete Transcription QA

Allows users to complete Transcription QA tasks from the Perform Tasks tab (Tasks > Perform Tasks).

Yes

Yes

Yes

Yes

Yes

No

No

Complete Transcription Supervision

Allows user to complete Transcription  Supervision tasks. Does not include Flexible Extraction.

Yes

Yes

Yes

Yes

Yes

No

No

View Supervision and QA Cards

Allows user to view the Perform Tasks tab (Tasks > Perform Tasks). If a user doesn’t have this permission, they can access the page, but the content will be hidden.

Yes

Yes

Yes

Yes

Yes

No

No

View Task Overview

Allows user to view the Overview tab (Tasks > Overview). If a user doesn’t have this permission, the Overview tab is hidden.

Yes

Yes

Yes

Yes

Yes

No

No

View Task Queue

Allows user to view the Task Queue (Tasks > Task Queue). If a user doesn’t have this permission, the Task Queue tab will be hidden.

Yes

Yes

Yes

Yes

Yes

No

No

Users

Permission

Description

Sys Admin

Business Admin

Data Keyer Admin

Data Keyer Staff

Knowledge Worker

API User

Trainer API User

API Access

Allows user to make API calls with their auth token.

Yes

Yes

No

No

No

Yes

No

Edit API Accounts

Allows user to create and edit API Accounts (SaaS instances only).

Yes

No

No

No

No

No

No

Edit Layout Task Restrictions

Allows user to edit document restrictions.

Yes

Yes

No

No

No

No

No

Edit Permission Groups

Allows user to edit permission and authentication groups.

Yes

No

No

No

No

No

No

Edit Users

Allows user to force log out any user. Only recommended for System Admins.

Yes

No

No

No

No

No

No

Trainer API Access

Allows user to send API requests to trainer-specific endpoints.

Yes

Yes

No

No

No

No

Yes

View API Accounts

Gives user read-only access to the API Accounts page (SaaS instances only).

Yes

No

No

No

No

No

No

View Layout Task Restrictions

Allows user to view document restrictions.

Yes

Yes

Yes

No

No

No

No

View User API Tokens

Allows user to view API authentication tokens for any user.

Yes

No

No

No

No

No

No

View Users and Permission Groups 

This is the single-view permission for all user and group settings.

Yes

Yes

No

No

No

No

No