User Roles & Permissions

8 minute readLast updated: January 2025

Huddle's comprehensive user management system allows you to control exactly who can access your portals and what they can do. With five distinct role levels and granular permissions, you can create the perfect access structure for your organization.

Understanding Permission Levels

Huddle uses a hierarchical permission system with four levels of access control:

  1. 1.
    Portal-Level Permissions: Control who can access the entire portal
  2. 2.
    Page-Level Permissions: Restrict access to specific pages
  3. 3.
    Widget-Level Permissions: Show/hide widgets based on user role
  4. 4.
    Data-Level Permissions: Filter data rows and columns by user

User Roles Explained

Portal Admin

Full control over portal configuration and content

Portal Admin
Create and manage portals
Configure all settings and themes
Manage all users and roles
Access analytics and reports
Delete portals and data

Editor

Can create and modify portal content

Editor
Create and edit pages
Add and configure widgets
Upload media and files
Preview changes
Cannot change portal settings

Contributor

Can submit content for review

Contributor
Create draft pages
Submit forms
Upload attachments
View assigned content
Cannot publish changes

Viewer

Read-only access to portal content

Viewer
View published pages
Download permitted files
Submit forms (if allowed)
Cannot make any changes
Cannot see unpublished content

Guest

Limited access without authentication

Guest
View public pages only
Submit public forms
No personalized content
No data access
Must sign up for more access

Setting Up User Management

Step 1: Define Your User Groups

Before assigning roles, organize your users into logical groups:

  • Internal Staff: Employees who manage portal content
  • External Users: Customers, vendors, or partners
  • Reviewers: Users who need read-only access for approval workflows
  • Contributors: Users who submit data but don't manage content

Step 2: Assign Roles

To assign roles to users:

  1. Navigate to Portal Settings → Users
  2. Click Add User or select an existing user
  3. Choose the appropriate role from the dropdown
  4. Set any additional permissions or restrictions
  5. Save your changes

Important: Always follow the principle of least privilege. Give users only the permissions they need to perform their tasks. You can always add more permissions later.

Step 3: Configure Page-Level Access

Control which pages users can see:

  1. Edit any page in your portal
  2. Click Page Settings in the toolbar
  3. Under Access Control, select who can view the page
  4. Choose specific roles or create custom rules

Step 4: Set Widget Visibility

Show different content to different users on the same page:

  1. Select any widget in the page editor
  2. Click the Visibility tab in widget settings
  3. Choose which roles can see this widget
  4. Optionally, add conditions based on user attributes

Advanced Permission Features

Dynamic Role Assignment

Huddle supports dynamic role assignment based on user attributes from Smartsheet. For example, you can automatically assign the "Manager" role to users whose department field equals "Management" in your Smartsheet data.

Row-Level Security

Filter data so users only see records relevant to them:

  • Filter by user email (show only their records)
  • Filter by department, region, or custom fields
  • Create complex rules with multiple conditions
  • Apply filters globally or to specific widgets

Custom Permissions

Beyond the standard roles, you can create custom permission sets:

  • Mix and match permissions from different roles
  • Create department-specific roles
  • Set time-based access (temporary permissions)
  • Configure approval-based access escalation

Authentication Options

Single Sign-On (SSO)

Huddle supports SAML 2.0 SSO integration with popular identity providers:

  • Microsoft Azure AD
  • Google Workspace
  • Okta
  • OneLogin
  • Custom SAML providers

Multi-Factor Authentication (MFA)

Add an extra layer of security with MFA options:

  • SMS verification
  • Email verification
  • Authenticator apps (Google, Microsoft, Authy)
  • Hardware tokens (FIDO2/WebAuthn)

Best Practices

Security Best Practices:

  • • Regularly audit user permissions
  • • Remove access for inactive users
  • • Use groups instead of individual permissions
  • • Enable MFA for all admin accounts
  • • Document your permission structure

Troubleshooting Common Issues

User Can't Access Portal

  • Verify user has been added to the portal
  • Check if portal requires authentication
  • Confirm user's email matches their Smartsheet account
  • Review any IP restrictions or access schedules

Missing Content/Widgets

  • Check widget visibility settings
  • Verify page-level permissions
  • Review data filters on widgets
  • Confirm user's role has necessary permissions

Permission Changes Not Taking Effect

  • Have user log out and back in
  • Clear browser cache and cookies
  • Check for conflicting permission rules
  • Verify changes were published to live portal

Related Articles

Authentication Setup

Configure SSO and MFA for your portal.

Access Control

Advanced permission configurations.

Best Practices

Security and permission best practices.