Overview
Forest enables admins to create and manage custom roles with granular permission controls. The roles system allows organizations to define what actions users can perform within the platform. Only users with Admin permission level can create and manage roles. Roles are configured in the Roles tab within project settings, where permissions apply to all users assigned to that role.Permission levels
Forest defines five user permission levels with increasing administrative capabilities:
*Based on collection and action permissions configured for the role
Roles
Roles are configured in Project Settings → Roles. Each role defines granular permissions for collections and actions.Collection permissions
Control what users can do with data in each collection:Action permissions
Control user ability to trigger and approve actions:Approval workflows
When “Require Approval” is enabled for an action:- User triggers the action
- Action enters pending state in the approval queue
- Users with “Approve” permission review the request
- Action executes once approved (or is cancelled if rejected)
Conditional permissions
Restrict permissions based on data conditions using filters. For example, operators might trigger refunds under $1,000 without approval, while higher amounts require authorization. Conditional permissions allow you to:- Set data-based filters on any permission
- Create dynamic permission rules based on field values
- Combine multiple conditions with AND/OR logic
- Apply different permission levels based on record data
amount < 1000, otherwise require approval.
Default permissions
Configure default permissions that are automatically applied when new collections or actions are created. This ensures consistent permission settings across your project without having to manually configure each new collection or action. Default permissions are configured in Project Settings → Roles and apply to:- New collections added to your datasources
- New actions created in the back-end
- New fields added to existing collections