Security and permissions

You can manage varying levels of security for users, system admins, and individual objects such as views, tabs, and fields, across your instance of Relativity and in each workspace. You can quickly edit security for a number of users simultaneously by assigning permissions at group level. After configuring a group's access permissions, you can preview the effective security rights by impersonating a general member of the group or a specific user in your environment.

Note: If a user is a member of multiple security groups, they receive the highest permissions from the combination of groups.

Note: When the Customer lockbox feature is enabled via the EnableCustomerLockbox instance setting, Relativity system admins must also belong to a group within a workspace in addition to the System Administrators group to access and administer security within that workspace. Refer to Support if you need more information on this feature.

Instance security

Instance security

Setting instance permissions

Preview security

RelativityOne Security Center

Workspace and object security

Workspace security

RelativityOne admin

Setting workspace permissions

Relativity object security

Adding the Security field to a view

Levels of Security in Relativity

In Relativity there are two levels of security when assigning permissions, Object-level security, and Item-level security. Depending on how permissions are configured, the two levels of security can be used to grant or exclude access to either a full set of Objects, or a specified set of Items. In Relativity, Object-level security permissions define access for all items belonging to an Object type. Item-level security permissions, on the other hand, define access to a specific item or set of items, regardless of the permissions that have been set for the Object type at large. Item-level security can be used to override or offset the Object-level permissions.

Object-level permissions – an “umbrella” setting for all items belonging to an Object type. Object-level permissions are divided into two groups:

  • Instance permissions - permissions for system admin groups to limit or grant access to specified system admin objects

  • Workspace permissions - permissions for user groups added to the selected workspace. If a user group is not added to the workspace, it means users in that group do not have any access to that workspace.

Item-level permissions - permissions for a specific individual object instance and its children. By default, individual items inherit their objects rights (from workspace or instance permissions). Item-level security can override instance and workspace permissions for a specific object instance.

For most object types it is possible to grant to one of six permissions on the Item or Object level.

  • None - user does not have any access to the object.

  • View - user has access to view the object. This is the lowest object permission.

  • Edit - user has access to edit and view the object.

  • Delete - user has access to delete, edit, and view the object.

  • Add - user has access to add new objects.

  • Edit Security - grants users the ability to edit the security of objects.

Note: For some object types, options will be missing from the above list of permissions. For example, administrators cannot set permissions to 'None' for the 'Users' or 'Views' objects, because it will make Relativity unusable.