Skip to main content


Permissions allow to control what each user can and cannot do in Atoti. See the full list. They can be edited in Atoti Admin. Unlike for settings, individual users are not allowed to edit their own permissions.

Update the permissions of a user

To change the permissions of a user, edit the file named permissions in the folder ui/users/<username>.

To know how to edit files, refer to this page.

Permission files are in the JSON format. Below is an example:

"canShare": true,
"canUseCalculatedMeasures": true

The username must be in the permissions file's readers, but not in its owners. To see a file's readers and owners, right-click the file and select "Properties".

Update the permissions of a group of users

Permissions can be defined for a group of users at once, in the file named permissions in the folder ui/user_roles/<name_of_user_group>.

This file shares the same format as the permissions files of individual users (see above).

It must have the name of the target user group in its readers, but not its owners.


If a user belongs to several groups, then they are granted the union of the permissions granted to these groups. For instance, suppose that a user belongs to ROLE_A and ROLE_B and that ROLE_A has the permission canShare set to true but ROLE_B does not. Then this user will be allowed to share content.

Update the base permissions for your organization

Finally, base permissions can be defined for all users in your organization at once. To modify these base permissions, edit the file named organization_permissions in the folder ui and make sure that it has ROLE_USER in its readers, but not its owners.