As your product organization grows, permissions allow you to determine which information users can view and edit within Productboard. Setting up appropriate permissions allows your product teams to collaborate while maintaining control over their most important or sensitive data.
Currently, Productboard offers permission settings at the product level.
In this article:
- How do product permissions work?
- How to configure permissions for a product
- What is the read-only access experience like?
- What is the restricted access experience like?
- Frequently asked questions
How do product permissions work?
Understanding access levels
Granting or restricting permission at the product level means granting or restricting permission to that product's components, features, and subfeatures:
There are 2 levels of access that you can set at the product level:
- Company access: the default access level to a product for all users in your workspace
- Individual access: an individual user's access level to a product
Highest permission takes precedence
You may assign different permission on the company level, to teams and members. It’s important to note that the user will inherit the highest level of access.
For example, the Zlack product is set up with full-access at the company level. Terrence Anica is given read-only access to this product:
As the highest permission takes precedence, Terrence will have full-access via the company level access.
Sharing restricted products via a view
When you share a feature board view or a roadmap view with an audience that would not usually have access to a certain product, your audience will be able to see that product in read-only mode. In other words, your audience will see the exact same content you do:
Even if Evan Mac wouldn't usually be able to see Zlack on the Features board or the Roadmap board, they will have read-only access to Zlack when looking at this specific view.
Restricting the access of a product already included in other views
If a product’s company access level is changed from full-access to restricted, the product will still be visible in read-only mode in any views in which it was already included.
In other words, people who would typically be unable to see that restricted product will still be able to see it on any views which have been shared with them, unless you retroactively remove the restricted product from those views.
When you change a product’s company access level from full-access to restricted, we will ask whether you’d like to remove that now-restricted product from any pre-existing views:
How to configure permissions for a product
To change the permission of a product, make sure you are either a maker with admin access or a maker that has been granted full-access to the product.
Configure permissions from the product detail view
- Navigate to the Features board and click on the product you want to set up permissions for.
- Click on the permissions icon next to the menu.
- First, you'll be asked to configure access at the company level.
- Click the dropdown menu to review access options and make a selection. Remember, this serves as the default level of access for all users.
- Next, you can search for a team or a user to grant them access to the product at the individual level.
- Click on the dropdown menu to select the appropriate level of access for each team or individual.
- Click Save.
Configure permissions from the team view
- Click on the Workspace menu in the top left corner.
- Select Teams.
- Select the team whose permissions you wish to configure.
- Select the Products tab.
- Adjust permissions for each product.
What is the read-only access experience like?
The maker with read-only access to a product cannot drag and drop objects/entities in the product hierarchy, cannot edit any field in the Component, Feature, or sub-feature sidebar:
As a result, it also means that the maker cannot edit the feature field values that are represented as columns:
The maker with read-only access to a product cannot edit, drag, or add features on both column-based and timeline roadmaps.
A read-only user may still create an insight with a read-only feature. Linking a note to a feature via an insight does not change anything about the feature's own data - its timeframe, description, owner, etc.
The maker with read-only access to a product cannot create or add a portal card. They also cannot edit an existing portal card.
What is the restricted access experience like?
Products with company access level set to "restricted" will not be visible to you in Productboard, with two exceptions:
- You have been granted individual access to the product.
- You have access to a feature view or a roadmap view that includes that product. In such cases, you will have read-only access to the product within that specific view.
Restricted products in the filter bar
If a hierarchy filter contains a restricted product, you will not see that product listed. Instead, you will see a warning (shown above).
Restricted products in the Insights board
When linking a note to a feature (creating an insight), you will not see restricted products in the hierarchy window. Therefore, you will not be able to link a note to a restricted product.
Restricted products and objectives
When looking at an objective's detail card, you will not be able to see whether that objective is associated with any features belonging to a restricted product.
Restricted products and product fields (drivers, etc)
If you are looking at a product field's feature card, you will not be able to see restricted products, even if those products are associated with that product field.
Restricted products and dependencies
If a feature is dependent upon a feature in a restricted product - or if a restricted product's feature is dependent on another feature - you will not be able to see this.
Frequently asked questions
What happens if the whole company has full-access to a product but a user has restricted access?
The user will have full-access according to their role.
When I change a product’s company access level to restricted, can anybody still see its existence?
Only under two circumstances: if you've granted an individual or a team access to that product, and if you’ve already included that product in a feature or roadmap view shared with others. The restricted product will still be visible to anyone with access to that specific feature or roadmap view, even if they wouldn’t otherwise be able to see it. You can remove the restricted product from those views.
Are restricted products truly confidential?
No! Product permissions are meant to give users peace of mind that unauthorized users will not make changes to their colleagues’ work - they’re not a privacy setting. Data for restricted products is still sent to a user’s device and can be seen in their browser’s Developer Tools, though we hope to address this in the future.
Can I restrict access for other things in Productboard, like an objective or just a single feature?
Not at this time. Please let us know what kinds of permissions would be useful for you in our Portal!