Apricot has two distinct permission models - Legacy Permissions and Role-Based Permissions (RBP). While Legacy Permissions provide some granular control over user access, Role-Based Permissions streamline user management through the use of Roles.

Roles act as templates for permissions, allowing you to apply a standardized set of access rights across multiple programs and users. This is an improvement over permission sets, which are configured per individual program. Advanced Access gives you even more flexibility to customize standard user capabilities beyond their assigned Role. Roles and Advanced Access work together to determine what programs records are assigned to upon creation and what forms users are able to interact with.

Organizations on Role-Based Permissions retain the ability to set up Guest User accounts for limited Apricot access. The Caseload Manager also allows you to restrict user access based on the specific records assigned to their caseload - similar to Legacy Permissions' User Record Level Access feature.

To manage these features, expand the Access Control category of Apricot's navigation bar and select 'Users' or 'Sites & Programs'. You'll be redirected to the Account Management app, which will also have the Roles page and Caseload Manager available in its navigation bar.

The following sections of this overview article will dive deeper into the key components of Role-Based Permissions, sharing best practices and tips to help you get the most out of this permission model.