Skip to main content

Features

User Management - Clearpoint Systems Docs

Learn how to manage users, roles, and permissions in Clearpoint Systems Technology for secure collaboration across your organization.

Clearpoint Systems Technology is designed for organizational use. Whether you’re a small team or a large enterprise, our user management features help your organization work together efficiently while maintaining security and control.

Organization Structure

Clearpoint uses a hierarchical structure for organizing users:

Organization
├── Departments
│   ├── Operations Team
│   ├── Finance Team
│   └── IT Systems Team
└── Access Groups
    ├── System Administrators
    ├── Data Analysts
    └── Compliance Officers
  • Organization — Your company or top-level account
  • Departments — Groups of users with similar responsibilities
  • Access Groups — Permission-based groupings for system access

Adding Users

Add users via the dashboard or API:

Dashboard

  1. Go to Settings → Users → Add User
  2. Enter their email address and name
  3. Select department and access groups
  4. Set initial permissions
  5. Click Send Invitation

API

POST /api/v1/users
{
  "email": "user@company.com",
  "name": "John Smith",
  "department": "operations",
  "access_groups": ["data_analysts"],
  "role": "standard_user"
}

Invitees receive an email with a link to join your organization.

Roles and Permissions

Clearpoint provides predefined roles with different permission levels:

System Administrator

Full control over the organization:

  • Manage user accounts and permissions
  • Configure system integrations
  • Manage billing and subscription
  • All other permissions

Operations Manager

Manage workflows and integrations:

  • Configure and monitor workflows
  • Manage integration connections
  • View reports and analytics
  • Standard User permissions

Data Analyst

Data access and reporting:

  • View integrated system data
  • Create and run reports
  • Export data for analysis
  • Viewer permissions

Compliance Officer

Audit and compliance access:

  • View audit logs and reports
  • Access compliance documentation
  • Monitor data lineage
  • Viewer permissions

Viewer

Read-only access:

  • View dashboards and reports
  • Access documentation
  • No configuration permissions

Permission Matrix

ActionSystem AdminOperations ManagerData AnalystCompliance OfficerViewer
View integrations
Configure workflows
Manage users
View reports
Export data
View audit logs
Manage billing

Custom Roles

Enterprise plans can create custom roles:

Creating a Custom Role

  1. Go to Settings → Roles → Create Role
  2. Name your role (e.g., “Integration Specialist”, “Report Builder”)
  3. Select permissions from the available list
  4. Save the role

Example: Integration Specialist Role

{
  "name": "Integration Specialist",
  "description": "Can configure integrations but not manage users",
  "permissions": [
    "integrations:read",
    "integrations:create",
    "integrations:update",
    "workflows:read",
    "workflows:create",
    "reports:read"
  ]
}

This role can:

  • View and configure system integrations
  • Create and manage workflows
  • View reports and analytics

This role cannot:

  • Manage user accounts
  • Access billing information
  • Modify system settings

Department-Level Permissions

Override organization roles at the department level:

# Give a viewer report access to a specific department
POST /api/v1/users/{user_id}/departments
{
  "department": "finance",
  "role": "data_analyst",
  "scope": "department_only"
}

This is useful for:

  • Contractors working with specific departments
  • Cross-departmental collaboration on shared workflows
  • Temporary elevated access for specific projects

Workflow Comments

Add comments to workflows for team communication:

POST /api/v1/workflows/{workflow_id}/comments
{
  "comment": "Updated field mapping for new customer structure",
  "notify_users": ["manager@company.com"]
}

Comments appear in:

  • The Clearpoint dashboard
  • Email notifications for mentioned users
  • Activity feeds for relevant workflows

Mentioning Users

Mention team members in comments:

{
  "comment": "@sarah please review the validation rules for this workflow"
}

Mentioned users receive a notification.

Audit Logs

Track all actions taken in your organization:

GET /api/v1/audit-logs?last=7d

{
  "logs": [
    {
      "timestamp": "2024-01-15T10:30:00Z",
      "user": "john@company.com",
      "action": "workflow.create",
      "resource": "order_processing",
      "ip_address": "192.168.1.100"
    },
    {
      "timestamp": "2024-01-15T10:25:00Z",
      "user": "sarah@company.com",
      "action": "integration.update",
      "resource": "sap_erp",
      "ip_address": "192.168.1.101"
    }
  ]
}

Filtering Audit Logs

# Filter by user
GET /api/v1/audit-logs?user=john@company.com

# Filter by action type
GET /api/v1/audit-logs?action=workflow.*

# Filter by resource
GET /api/v1/audit-logs?resource=sap_erp

# Export to JSON
GET /api/v1/audit-logs?format=json&export=true

Audit logs are retained for:

  • Professional plans: 90 days
  • Enterprise plans: 1 year (configurable)

Notifications

Configure how your team receives notifications:

Per-User Settings

Each team member can configure their preferences:

  • Email — Workflow success/failure, mentions
  • Slack DM — Real-time notifications
  • Browser — Push notifications

Team Channels

Set up shared notification channels:

notifications:
  slack:
    channel: "#operations"
    events: ["workflow.success", "workflow.failure", "integration.error"]
  email:
    recipients: ["ops@company.com"]
    events: ["integration.error", "system.alert"]

Access Tokens

Create tokens for API access and automation:

# Create a read-only token
POST /api/v1/tokens
{
  "name": "Monitoring System",
  "scope": "read",
  "expires_at": "2024-12-31T23:59:59Z"
}

# Create a configuration token
POST /api/v1/tokens
{
  "name": "Integration Builder",
  "scope": ["integrations:read", "integrations:create", "workflows:read"]
}

Token Scopes

ScopePermissions
readRead-only access to all resources
configureCreate and update integrations and workflows
adminFull API access including user management

Token Best Practices

  1. Use descriptive names — Know what each token is for
  2. Limit scope — Only grant necessary permissions
  3. Set expiration dates — Regularly rotate tokens
  4. Revoke unused tokens — Clean up tokens that are no longer needed

SSO Integration

Enterprise plans support Single Sign-On:

  • SAML 2.0
  • OpenID Connect
  • Okta, Azure AD, Google Workspace

See SSO documentation for setup instructions.

Best Practices

  1. Use the principle of least privilege — Give users only the access they need
  2. Set up departmental access — Organize users by functional areas
  3. Review audit logs regularly — Monitor for unauthorized access
  4. Use department-level permissions — Don’t give organization-wide access unnecessarily
  5. Rotate access tokens — Especially after team members leave

Troubleshooting

User can’t access workflow

Check their role at both organization and department level:

GET /api/v1/users/{user_id}/permissions
GET /api/v1/departments/{dept_id}/users/{user_id}

Notifications not working

Verify the notification configuration:

GET /api/v1/notifications/config

Audit log missing events

Ensure you have the appropriate plan. Some events are only logged on Enterprise plans.