Skip to main content
Version: 2.25.0

Securing Applications Through Permissions

ToolJet employs a Role-Based Access Control (RBAC) system to manage security and access to its resources, which include apps, folders, and workspace variables.

In this system, Admins have the authority to invite Users to their workspaces and assign them to specific Groups. Each Group is associated with a set of Permissions that dictate what level of access its members have to various resources.


By default, there are two groups: All Users, which contains all workspace members, and Admins, which grants full access to all ToolJet resources. Custom groups like Support or Engineering can also be created to fine-tune access controls.

Setting Permissions Based on Groups and Permissions

To secure your applications in ToolJet, you can leverage Groups and Permissions. For instance, you could create a custom group named Finance Team and assign it permissions to only access financial apps and variables within the workspace. When you invite new users, you can directly assign them to this group, ensuring they only have access to the resources they need to perform their tasks. You can also make the app public and make it accessible to users without the need to log in.

By thoughtfully configuring these settings, you can create a secure environment tailored to your organization's needs.