Enterprise Security

Identity & Access Management

Enterprise-grade permission architecture with complete separation between administrative control and end-user access

Role-Based Access Control Architecture

Complete segregation of administrative functions from end-user capabilities ensures enterprise-grade security and compliance with industry standards.

Account Users

Huddle Backend Access

Users who manage the Huddle platform, configure portals, and control Smartsheet integrations

System Access

  • Account dashboard (app.letshuddle.ai)
  • Smartsheet connection management
  • Portal builder and configuration
  • User management across portals
  • Asset tracking and version control
  • AI documentation tools
  • Analytics and reporting dashboard

Role Hierarchy

Account Owner
OWNER

Complete control including billing and authentication providers

Account Admin
ADMIN

Full management except billing and account deletion

Portal Builder
BUILDER

Create and configure portals, manage portal content

Content Manager
MANAGER

Manage portal content and users without system configuration

Portal Users

Frontend Portal Access

End users who access customer-facing portals to view data, submit forms, and interact with Smartsheet data

System Access

  • Portal pages (/portal/[portal-url])
  • Public and private portal content
  • Form submissions to Smartsheet
  • Document downloads
  • Filtered data views
  • Row-level security data access
  • Portal-specific dashboards

Role Hierarchy

Anonymous Visitor
PUBLIC

Access to public portal pages only, no authentication

Portal User
USER

View content and submit forms (Read + Create permissions)

Form Reviewer
REVIEWER

Review, approve, and request changes on form submissions

Portal Admin
ADMIN

Full portal management including users, pages, and modules

Flexible Authentication Architecture

Account-Level Authentication

Google OAuth 2.0

Secure authentication via Google accounts with 2FA support

Microsoft OAuth 2.0

Enterprise authentication through Azure AD and Microsoft accounts

Email Link (Passwordless)

Secure one-time links sent to email for authentication

Email & Password

Traditional authentication with password reset capabilities

Authentication Features

Account-Specific Configuration

Account owners can enable/disable authentication methods based on security requirements

Credential Linking

Users can link multiple authentication methods to a single account

Subdomain-Based Access

Each account has its own subdomain (e.g., company.letshuddle.ai) with customized auth

Portal-Specific Authentication

Separate authentication flow for portal users with custom branding

Dynamic Portal Role System

Build custom roles that perfectly match your organization's structure and workflows. Mix and match permissions to create roles tailored to your exact needs.

Visual Role Builder Example

1. Choose Base Permissions

2. Add Module Access

Form Module: Full Access
Submit, review, and track forms
Reports Module: View Only
Access dashboards and analytics
Admin Module: No Access
Portal configuration settings

3. Your Custom Role

Quality Inspector

Custom role created

Read, Create, Review

This role can view all content, submit inspection forms, and review submissions from field technicians before final approval.

Industry-Specific Role Examples

Construction

Site Manager: All permissions
Inspector: Read + Create + Review
Contractor: Read + Create

Healthcare

Doctor: Full access + Review
Nurse: Read + Create + Update
Patient: Read own records

Education

Principal: Full admin access
Teacher: Create + Review
Parent: Read only

Finance

CFO: Full access + Approve
Accountant: Create + Update
Auditor: Read + Export

Advanced Role Features

Data Filtering Rules

Define what data each role can see. Filter by department, region, project, or any custom field.

Field-Level Visibility

Control which form fields and data columns are visible or editable for each role.

Time-Based Access

Set temporary roles or schedule access windows for contractors and seasonal workers.

How the Role System Works

From role creation to user assignment, see how our flexible permission system adapts to your organization's needs

1. Create Role

Define a new role with a meaningful name and description

2. Set Permissions

Select which actions this role can perform in the portal

3. Configure Access

Define data filters and page visibility for the role

4. Assign Users

Add users to the role individually or in bulk

Permission Inheritance & Combination

Base Role

Field Worker

Read, Create

Additional Permissions

Review Permission

Review

Combined Role Result

Senior Field Inspector

Read, Create, Review

This user can now perform field work AND review submissions from other team members
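
An added example (not Huddle's code) of one way to enforce the separation and role combination described above: roles are resolved by realm and scope so the portal ADMIN label never resolves to account ADMIN rights, base and additional permissions are combined by union, and a time-based window is checked before anything is granted. The `Grant` type, the permission names, the account-role permission sets and the portal ids are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

# Role labels from the page, keyed by realm. "ADMIN" exists in both realms, so a
# bare role string is ambiguous; every lookup is scoped by (realm, role).
# Permission names and the account-role sets are assumptions for illustration.
ROLE_PERMS = {
    ("account", "OWNER"): {"billing", "manage_users", "configure_portals"},
    ("account", "ADMIN"): {"manage_users", "configure_portals"},
    ("portal", "PUBLIC"): {"read_public"},
    ("portal", "USER"): {"read", "create"},
    ("portal", "REVIEWER"): {"read", "create", "review"},
    ("portal", "ADMIN"): {"read", "create", "review", "manage_portal"},
}

@dataclass(frozen=True)
class Grant:
    realm: str                              # "account" or "portal"
    scope: str                              # account id or portal id
    role: str                               # base role label
    extra: frozenset = frozenset()          # additional permissions added to the base role
    not_before: Optional[datetime] = None   # start of a time-based access window
    not_after: Optional[datetime] = None    # end of the window (exclusive)

def effective_permissions(grant, now):
    """Union of base-role and additional permissions; empty outside the window."""
    if grant.not_before and now < grant.not_before:
        return frozenset()
    if grant.not_after and now >= grant.not_after:
        return frozenset()
    base = ROLE_PERMS.get((grant.realm, grant.role), set())  # unknown role grants nothing
    return frozenset(base) | grant.extra

def is_allowed(grants, realm, scope, permission, now):
    """Deny by default: a grant only counts inside its own realm and scope."""
    return any(
        g.realm == realm and g.scope == scope
        and permission in effective_permissions(g, now)
        for g in grants
    )

# Constructed sample: one user who is ADMIN of portal-a and, until 1 July,
# a Read + Create user of portal-b with the Review permission added.
NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)
EXPIRY = datetime(2025, 7, 1, tzinfo=timezone.utc)
GRANTS = [
    Grant("portal", "portal-a", "ADMIN"),
    Grant("portal", "portal-b", "USER", frozenset({"review"}), not_after=EXPIRY),
]
```
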

How Authentication Works

Account User Flow

1. Access app.letshuddle.ai

Navigate to the main application dashboard

2. Choose Authentication Method

Select from enabled providers (Google, Microsoft, Email)

3. Access Account Dashboard

Manage portals, users, and Smartsheet connections

Portal User Flow

1. Access Portal URL

Navigate to /portal/[portal-name] or custom subdomain

2. Portal-Specific Login

Authenticate through portal login page if required

3. Access Portal Content

View data, submit forms, download documents
