Last date modified: 2026-Jul-14

Instance security

With instance security you can apply permissions to system admin groups to limit or grant access to particular system admin objects. You can access the Admin Security dialog from the Instance Details tab.

Users must be assigned to the following two groups in order to have full system administration access:
1. System Administrators - This grants access to all admin-level permissions, such as ARM, queue management, users, and groups tabs.
2. <Customer Name> Admin Group - This gives the user permissions to access all workspaces in the instance, unless the workspace was migrated through ARM or Migrate without the group being properly mapped first.

See the following related pages:

Features

The Features tab lists all of the features and their associated permissions from the other three tabs. You can enable and disable permissions at the feature level using this tab.

Toggle Key settings:

  • Toggle key set to enabled—Enabled
  • Toggle key set to disabled—Disabled

Permission settings

  • Blue checkmark means the permission is enabled—Enabled
  • Red circle with slash through it means the permission is enabled—Disabled

Object Security tab

The Object Security tab lists all system admin objects with their related item-level permissions.

Item-level rights include:

  • None Object - access denial—denies users access to the object.
  • View Object permission - view—view the object. This is the lowest level object permission.
  • Edit Object permission - edit, view object—edit and view the object.
  • Delete Object permission - Delete, edit, view—delete, edit, and view the object.
  • Add Object permission - Add—add new objects. This icon turns blue when the setting is unsaved; once you click Save, the blue icon becomes grey. This icon turns green when you give users this permission both when the setting is unsaved and saved.
  • Edit Security Locked Icon—grants users the ability to edit the security of objects. This icon turns blue if you click twice indicating a not applicable status.

Tab Visibility tab

In Relativity, the Tab Visibility setting lets you determine which tabs within the user interface are accessible to specific user groups. This encompasses both parent and child tabs that can be configured for access by these groups. You can enhance user efficiency by combining object security permissions with tab visibility settings. It's essential to understand that tab visibility settings don't alter the permission rights for objects presented on each tab. Instead, they solely govern whether the tab is visible in the navigational menu.

You can make a tab visible to a user even if they lack the necessary permissions to view objects listed on that tab. Nevertheless, it's crucial to understand that tab visibility settings don't restrict access to the objects featured on a particular tab. Users can still access these objects through direct URLs or via the API, even if the tab isn't visible to them in the navigational menu.

Granting tab visibility to a group without view permissions for the object allows users to view the tab but prevents them from taking action. Granting object permissions to a group without tab permissions for the object restricts users from completing required tasks.

Admin Operations tab

You can alter the following permission settings from the Admin Operations tab of the Admin Security page.

 

A Note on View Admin Repository

The "View Admin Repository" permission is essential for certain features and supported applications to operate correctly. Apart from the specific features that require this permission, it can also be granted to enable users to generate reports and apply filters to Workspace, Client, Matter, User, and Group objects during report setup.

Granting "View Admin Repository" permission to a user provides access to User and Group objects within the platform. This means that these users can retrieve User and Group information, regardless of whether they are using the mobile app.

The following features and supported applications necessitate the "View Admin Repository" permission:

  • Case Metrics
  • Staging Explorer
  • Workspace Portal
  • Processing Administration
  • Production/Branding Queue
  • ARM

Group Permissions report

With the Group Permissions Report you can easily assess all permission settings applied to any group. Navigate to the Instance Details tab and click Group Permissions Report.

Admin group permission console

You can perform the following actions from this console:

  1. Group - select any group in your Relativity environment from the Group drop-down menu. Click Run to see a list of all system admin permission settings for that group.
  2. Preview - displays the Script Body that defines the selected group's permission settings.
  3. Run - generates Group Permissions Report on the selected group.
  4. Export to File - click Go to export a .CSV file of all the selected group's system admin permission settings.

Reading the Group Permissions Report

  • Group - displays the selected group's name.
  • Permission - displays the name of the system admin object on which system admin rights are granted for the selected group.
  • Type - displays the group's permission level on the object listed in the Permission column.

Uneditable admin permission settings for the Everyone group

All users in any instance of Relativity are members of the Everyone group. The following admin permissions apply to the Everyone group by default, and this permission setting configuration is necessary for your Relativity environment to function properly. You can't add or revoke any of the following permission settings on the Everyone group.

Script and application library permissions

System admins are the only users able to access the following items:

System administrator privileges

The following actions are exclusive to System Administrators and don't require additional permissions:

  • Perform Mass Operations on admin. level objects
  • Permanently delete or recover workspaces from the Recycle Bin
  • Access to the Errors tab on the Admin. level
  • Manage group permissions within Instance details
Return to top of the page
Feedback