As an admin of Retool you can use Permission Groups to control which users have access to which apps and resources. See Inviting users and authentication to learn how to invite users to Retool.
If you can't see Organization Settings > Permissions your account is not an admin and will not be able to perform the tasks described in this guide.
User specific permissions are only available on the Pro or Enterprise plans. Without granular permissions, all accounts will have the same access to editing apps and resources.
All Retool user accounts are added to the All Users group when first created. This is a global permissions setting that applies to all users. You can edit the permissions of the All Users group so that new users only have edit permissions on apps and queries or resources when invited.
If you do not want new users to automatically have editing permissions, you must change the default settings of the All Users group using the Granular Permissions feature available on Pro or Enterprise plans.
Own: Rename and delete the app, and all Edit level permissions
Edit: Make changes to components, temporary states, transformers, and all queries that are for resources that the user has access to
Use: Open the app in end-user mode only
No Access: Hide the app from users in the selected group anywhere in Retool, no access to open the app.
You can allow a custom user group access to any created APIs, Databases, or Integration resources. Resources that a group does not have access to will be hidden from those users in the resource page and inside the editor.
This setting gives a user group access to the Query Library. They will be able to create new shared queries and see existing ones for any resource their group has access to.
- A viewer can use all apps.
- An editor can use and edit all apps and can write queries against all resources when editing an app.
- An admin can use all apps, edit them, write queries against all resources, invite users, and change user permissions. The first user who signs up for Retool is in the admin group by default.
When using the on-premise version of Retool, an admin must invite users. Anyone who joins via SSO without an invite is assigned no permissions by default. For more information see On-premise.
When using the cloud version of Retool, anyone who joins via Google SSO without an invite is assigned as a viewer by default. For more information see Cloud.
- Open Organization Settings > Permissions.
- Click Create New Group.
- Give the new group a name.
- Click Create.
- Click the row containing your new group in order to select it. The Group Details section shows more information about your new group.
- Use Group Details > Apps to control how much access the group has to each app.
- Use Group Details > Resources to control which resources the group can write queries using when an app is in edit mode. If you would like the group to have no resource editing permissions, set this section to
Can't create queries
- To give a user access to the Query Library, toggle the
Query Library Accessoption below the
Writing queriessection. Users will only be able to create queries in the query library using resources that they have access to.
- Click Save to confirm your changes.
- Open Settings > Users.
- Click the user whose groups you want to edit. Retool highlights the user's row to indicate that it's selected. The User Details pane shows more information about that particular user.
- Use the Permissions Groups text box to edit the user's groups.
You can also edit which users are inside of a group from the Permissions tab. When a group is selected, all of the users included in that group are shown in the Users section.
- Open Settings > Permissions.
- Click the group that you want to edit. Retool highlight's the row blue to indicate that it's selected. The Group Details pane shows more information about that particular group.
- Enable the checkbox next to a user's name in Groups Details > Users to add that user to that group. Disable the checkbox to remove that user from that group.
When inviting users to Retool, click Add Group and then specify which groups they belong to in the Groups to add invited members to text box.
Updated 10 months ago