User Permissions


Adding and Removing User Roles

Initially, a User has no rights in MinistryPlatform

The only application they can use is the Portal and their rights on the Portal is limited to activities related to their personal data. Heads of Household may be able to work with the data of other family members. Participant Type determines access to Church Directory.

For access to the Platform, a User must have a Security RoleThe number of User records in your database does not impact your MinistryPlatform support fee. Only users with Security Roles impact your monthly support fee. To view which users have Security Roles, change your view on the Users page to Users with Security Roles

If a User does not have access to the MinistryPlatform, the User will receive the following error when attempting to login to the platform: You are not authorized to access this application.

Add User Security Roles

Adding a Role to a User
  1. Go to Administration > Users and locate the desired User record.
  2. Open the User record.
  3. Click New in the Roles sub-page.
  4. Select the desired Security Role.
  5. Click Save.

Alternatively, you can click Add to provide several Security Roles to a User.

Adding many Users to a Role
  1. Go to Administration > Security Roles and locate the desired Security Role.
  2. Open the User record.
  3. Click Add in the Users sub-page.
  4. Select the Users you wish to add.
  5. Click Confirm Selection.
  6. Click Save.
Assigning a User the same Roles as another User
  1. Go to Administration > User Security Roles and search for the user you want to base the new user off.
  2. Select the roles to want to give the new user.
  3. Click Xfer, name the selection as desired, click Security Roles (Security Role) and click Transfer.
  4. Go to Administration > Users and search for the user you want to give the roles to.
  5. On the Roles sub-page, click Add.
  6. Click the [...] and change your Selection to be the one you made in Step 3.
  7. Click Confirm Selection and Save.

Removing User Security Roles

You must have delete rights for User Security Roles in order to complete steps, so contact your SPoC if you don't have them.
Delete Security Roles From the User record
  1. Go to Administration > Users and locate the desired User record.
  2. Open the User record.
  3. Select all in the Roles sub-page you want to remove.
  4. Xfer to the User Security Roles page.
  5. Click Delete.
Inactivate a Person

Using the Inactivate Tool automatically removes Security Roles from the selected records. So if the person is actually no longer active at your church, you could use the Inactivate Tool to remove their Security Roles (and update lots of other things in the system too).

Delete Security Roles From the User Security Roles page
  1. Go to Administration > User Security Roles.
  2. Clear any previously selected records.
  3. Select one or more records.
  4. View the selection and confirm visually that all rows selected are to be deleted.  Each row shows one role applied to one user.
  5. Click Delete. There are no dependencies in the database to the User Security Roles record so there are no options to select on the delete dialogue.
  6. Click Delete and confirm.

It is not recommended to delete Security Roles which came with MinistryPlatform. The ability to delete a Security Role (from the Security Roles page) is hidden from all users. Please contact Support for questions concerning deleting a Security Role. 

Assigning Roles, Tasks and other records to new User

This a more advanced option.

If a person leaves your staff, we encourage you to simply delete their Security Roles (see option #1 above). This is the simplest way to ensure they no longer have any rights in MinistryPlatform while allowing the User to continue to access things like their contribution statement on the Portal.
There is another way to transfer the User Record's attached data to another User.  It has a few downsides, but it is surprisingly easy.

  1. Open the departing person's User record and change the Contact with which it is associated to be the staff person who is taking over their responsibilities. Assuming that staff person ALREADY has a user record, they now have two User records (which the subsequent steps fix).
  2. Go to the Contacts page.  Make sure you have no currently selected records.
  3. Search for and select the Contact record of that staff person who will "take over". 
  4. Launch the Combine Contacts tool and that person should be listed in two columns.  The difference is at the bottom in the User record section. 
  5. Click the radio button next to the "user name" to keep (their original user name!!!) and click "merge".

Now, every view, task, process or other record connected to that departing staff is now safely under the remaining staff member.

The downside: First, that this obscures some history by making it look like this remaining staff person was responsible for historical tasks of the departing user. Second, the departing staff person has to generate a new User account on the Portal if they have donor data they need to access, but that shouldn't matter. There are some potentially other, more minor downsides. Keep in mind that the departing staff's Donor, Participant and Contact records are left alone if you followed these steps.

The advantage: You have certainty that all data formerly associated with the previous user record has a new owner.

See AlsoSecurity Roles and Page Permissions.