Access to case files or forms is determined by user allocation to specific roles, giving you the ability to restrict permissions to certain functions based on the user's role.
View current role permissions
You can view the current roles and permissions following these steps:
Click the three-line menu.
Click Configuration, click Services.
Select the relevant service.
Click Roles.
Here you can see what each role can access.
What Tenant Administrators can configure without raising a support case
Tenant Administrators have broad configuration access within their organisation. The following tasks do not require a support case and can be completed directly in ACP.
User management
Add a new user via Configuration > Users > Add New User
Change a user's account type (Carer, Branch Administrator, or Other User) via Configuration > Users > edit the user record
Enable or disable web access for a user on the same screen
Assign a user to a group via Configuration > Groups
Link an employee to Evo or unlink them via Configuration > Users β see Link Access Care Planning to Access Evo
Role and branch configuration
Create new roles and edit role permissions at service level via Configuration > Services > Roles
Add users or groups to roles on individual case files via the Roles tab within the service user or employee record
Rename a branch via Configuration > Branches
Assign secondary branches to a Branch Administrator via Configuration > Users > edit the user record
Tenant preferences
Most app preferences, navigation preferences, and account preferences can be changed by a Tenant Administrator directly via Configuration > Tenant > Preferences
A small number of preferences are restricted to Access system administrators β see the Tenant preferences article for the full list and which require a support case
π Note: Elevating a user to Tenant Administrator level requires Tenant Administrator access. Branch Administrators cannot create Tenant Admin accounts β this must be done by an existing Tenant Admin.
Unable to view a form
If a specific role cannot see a form, it's likely that the role is missing the settings. You can add them by following these simple steps:
Click the three-line menu.
Click Configuration, then click Services.
Select the relevant service.
Click Roles, then edit the relevant role.
For the section they need to view, select the view, create or edit checkbox.
π Note: If permission changes do not appear immediately for the user, ask them to log out and back in. Role permissions are cached in the session and a full re-login ensures the latest settings are applied.
Unable to see a case file
If your user can't view the client or employee case file, it's likely they haven't been granted the correct permission. You can give permissions following these steps:
Click the three-line menu.
Click Client Records or Employee Records.
Select the client or employee, then click Roles.
Click Edit, then add the user or group to the specific role.
Click Update.
Configuring role based access as a Branch Administrator
Branch Administrators can view and work with role based access settings, but their scope and permissions differ from Tenant Administrators in the following ways.
What Branch Administrators can do:
View the roles configured for services within their assigned branch
Add users and groups to roles on individual service user or employee records within their branch
View which users are allocated to each role
What Branch Administrators cannot do:
Create new roles or edit the permissions on existing roles at the service configuration level β this requires Tenant Administrator access
Manage roles for services or case files outside their assigned branch
Elevate a user to Tenant Administrator β Branch Admins can only assign Carer, Branch Administrator, or Other User types to users they manage
Access Tenant Preferences or change system-wide settings
If a Branch Administrator needs to change the permissions on a role itself (not just add a user to a role), they should ask the Tenant Administrator to make the change via Configuration > Services > Roles.
π Note: A Branch Administrator must also have Role Based Access enabled at the service level to view customer records within their branch. Branch assignment alone is not sufficient β a Tenant Administrator must ensure the Branch Admin's account is added to the relevant role within the relevant service. See Multi-branch access for Branch Administrators for full details.