Skip to main content
User roles in Forerunner determine what team members can see and do within the application. Each role provides a different level of access, from full administrative capabilities to read-only viewing.

Permission comparison

Detailed comparison of what each role can do:
FeatureManagerMemberCreatorView Only
View objects and recordsYesYesYesYes
Create recordsYesYesYesNo
Edit own recordsYesYesYesNo
Edit others’ recordsYesYesLimitedNo
Delete recordsYesYesLimitedNo
Upload filesYesYesYesNo
Export dataYesYesLimitedLimited
Manage tasksYesYesOwn onlyNo
Start workflowsYesYesLimitedNo
Manage teamYesNoNoNo
Invite usersYesNoNoNo
View public usersYesNoNoNo
Access settingsYesLimitedLimitedNo

Role hierarchy

Forerunner uses four roles for internal team members, each building on the permissions of the role below it:
RoleDescriptionBest for
ManagerFull access plus team managementDepartment heads, supervisors, account administrators
MemberFull access to all data and featuresStaff who need complete access to daily work
CreatorCan create and edit records and documentsField staff, inspectors, data entry personnel
View OnlyRead-only access to dataStakeholders who need visibility without editing
User roles are assigned by Managers or configured by your Customer Success Manager. If you need a different role, contact your supervisor or CSM.

Manager role

Managers have the highest level of access for internal team members. In addition to all standard features, Managers can:

Team management

  • Invite new users to the account
  • Assign and change user roles
  • Deactivate user accounts
  • View team member activity

Account oversight

  • Access all records regardless of creator
  • Export data from any table or view
  • View audit logs and activity history
  • Manage workflow configurations

Public user management

  • View public user accounts
  • Search and filter public users
  • Export public user data
  • Monitor public submissions
Managers should be limited to those who need administrative oversight. Most team members work effectively with the Member or Creator role.

Member role

Members have full access to Forerunner’s features without team management capabilities:

Data access

  • View all objects, records, files, and tasks
  • Create, edit, and delete records
  • Upload and manage files
  • Assign and complete tasks

Workflows

  • Start and progress workflows
  • View workflow status across the team
  • Complete assigned workflow steps

Reporting

  • Access all table views
  • Create and save custom views
  • Export data to CSV and other formats

Maps

  • View all map layers
  • Use measurement and analysis tools
  • Access offline maps on mobile
What Members cannot do:
  • Invite or manage other users
  • Change user roles
  • Access account-level settings
  • Manage public users

Creator role

Creators can add and modify data but have limited access to some features:

Core capabilities

  • Create new records
  • Edit records they created
  • Upload files and documents
  • View objects and properties

Limited access

  • May not have access to all record types
  • Cannot delete records created by others
  • Limited export capabilities
  • Restricted access to sensitive fields (if configured)
Creator role is ideal for:
  • Field inspectors entering data on-site
  • Staff focused on data collection
  • Temporary or seasonal workers
  • Roles requiring data input without broad access

View Only role

View Only users can see data without making changes:

Access

  • View objects, properties, and records
  • Browse tables and use filters
  • View files and documents
  • See map layers and visualizations

Restrictions

  • Cannot create or edit records
  • Cannot upload files
  • Cannot assign or complete tasks
  • Cannot export data (in most configurations)
View Only role is ideal for:
  • Executives needing oversight
  • Partner organizations requiring visibility
  • Auditors reviewing documentation
  • Staff in training

User groups

Beyond roles, Forerunner supports user groups for more granular permission control:

What user groups control

  • Access to specific record types
  • Visibility of certain workflows
  • Permissions for particular features
  • Assignment of tasks and notifications

Common user group examples

  • Floodplain Team - Access to EC reviews, SI/SD tracking, permit records
  • Inspectors - Access to inspection records and mobile features
  • Emergency Management - Access to PDA and damage assessment records
  • Planning - Access to development review and planning records
User groups are created and configured by your Customer Success Manager. Contact your CSM to discuss group-based permissions for your team.

Managing users

Inviting new users

Managers can invite new team members:
1

Open team settings

Navigate to Settings and select Team or Users.
2

Click invite

Select Invite User or Add Team Member.
3

Enter user details

Provide the new user’s:
  • Email address
  • First and last name
  • Role assignment
  • User group membership (if applicable)
4

Send invitation

Click Send Invite. The user receives an email with instructions to set up their account.

Changing user roles

To modify a team member’s role:
1

Access user settings

Navigate to Settings > Team and find the user.
2

Edit user

Click on the user or select Edit.
3

Update role

Select the new role from the dropdown.
4

Save changes

Confirm the change. The new permissions take effect immediately.
Changing a user’s role immediately affects their access. Verify you’re selecting the correct role before saving.

Deactivating users

When a team member leaves or no longer needs access:
1

Find the user

Navigate to Settings > Team and locate the user.
2

Deactivate

Select Deactivate or toggle the user’s active status.
3

Confirm

Confirm the deactivation. The user immediately loses access.
Deactivated users cannot sign in but their historical data and activity remain in the system. Contact your CSM if you need to fully remove a user account.

Best practices

Assign appropriate roles

  • Start with the minimum access needed for the job
  • Promote to higher roles as responsibilities grow
  • Regularly review role assignments

Use groups for granular control

  • Create groups based on job function
  • Assign record type access through groups
  • Use groups for workflow permissions

Maintain security

  • Limit Manager access to essential personnel
  • Deactivate users promptly when they leave
  • Review user access quarterly

Document your structure

  • Keep a record of who has what role
  • Document the purpose of each user group
  • Maintain onboarding procedures for new users

Troubleshooting

Check:
  • User’s role permits viewing those records
  • User belongs to a group with access
  • Record type permissions include their group
Solution: Contact your Manager or CSM to adjust group membership or permissions.
Check:
  • User’s role permits creating records
  • Record type allows creation by their group
  • User has access to the parent object
Solution: Verify the user has Creator role or higher, and confirm their group has create permission for that record type.
Check:
  • Your account is assigned the Manager role
  • You’re signed in to the correct account
  • The feature is enabled for your account
Solution: Contact your CSM to verify your role assignment or enable the feature.
Solution: Contact your Customer Success Manager for bulk user updates. They can efficiently process role changes, group assignments, or deactivations for multiple users.