As of today, who will have access to the Role-Based Permissions functionality?
On April 28, 2021, we will begin releasing a tool, called the Role Migration Tool, that will allow existing Apricot clients to move to Role-Based Permissions.*
We will be turning this tool on for customers in waves. If you do not have this tool in your site and would like to migrate as soon as possible, please reach out to your CSM. However, we do recommend reading through our list of considerations and recommendations for the tool prior to running (listed below).
The tool will be self-guided and purely opt-in.
How does this new Role Migration Tool work?
When the tool is released to your site, you will see a banner at the top of the Administrator tab in Apricot, notifying you.
When your organization decides to go through the migration from permission sets to Role-Based Permissions, you can click on the banner and it will navigate you to the migration page in the new Account Management app in Apricot. The migration page will notify you of what the migration entails. It will not automatically start the migration.
Once the end user clicks "Switch Now", the migration will begin. Every permission set will be made into a role. It is a 1:1 relationship.
From there, your site is officially on Role-Based Permissions. It’s that easy!
Will my organization be forced to go through the migration to Role-Based Permissions?
No! This will be a purely opt-in experience at this time.
However, it is important to note that when we release new functionality, it will be built on top of the Role-Based Permissions functionality. Therefore, in order to access new functionality, an organization will first need to be on Role-Based Permissions, so we strongly encourage customers to migrate!
What are some recommendations and considerations I should know, prior to running the new Role Migration Tool?
Please read the following carefully.
We encourage customers to perform the migration in non-peak work hours, to reduce the chance for performance issues.
Advanced Access that was given to users’ “User/Program Profiles” will be removed once the migration is run. For any users that previously had this access, we recommend that assigning them as Site Administrators moving forward in Role-Based Permissions. To learn more about Site Administrators, click here.
Once you begin the migration, permissions can no longer be saved via the old UI. Organizations will only be able to save permissions via the new Account Management app.
If you heavily utilize any of the following in your organization’s workflow, we recommend waiting to migrate to Role-Based Permissions. We will be working to address this functionality in Role-Based Permissions, and we will keep you updated as we continue to release this work.
Dynamic fields connected to the User form, or any dynamic fields referencing any fields added to the User form, for example "Include in Staff Assignment List"
Emergency Contact or User Picture on the User Details page
User Record Level Access, specifically set at the Tier 2 level
Is it possible to revert the migration?
No. Therefore, we strongly recommend that customers read through our list of recommendations and considerations prior to running the migration for their organization (list above).
How long will the migration take?
The amount of time the migration takes will depend on the size of your database in regards to the number and complexity of your existing permission sets. This is why we advise to run the migration during non-peak business hours. Typically, this process should only take up to 10-15 minutes but can be longer with larger databases.
How many roles can a client create?
Essentials can create 5 new roles. Core and 360 have the ability to add unlimited roles.
In regards to the Role Migration Tool, the migration will not remove any existing permission sets, and all permissions sets will become roles with the tool.
However, after the migration, an organization that is limited to 5 roles will not be able to add any new roles until they archive enough roles (formerly permission sets) to have 4 or less roles.
What if I want to merge similar Roles (that were formerly permission sets) into one Role or archive them?
If the end user would like to manually merge their roles (for example, if they have 5 permissions-sets-now-roles that are "Case Manager"), they can un-assign any users from a role, reassign to the desired role, and archive the unwanted role. For more information on how to do that, please visit our Release Notes.
Wait a second. Apricot currently has roles - Is the new concept of Roles different?
Yes! Currently in Apricot, roles are administrative capabilities assigned to standard users.
In the new implementation of Roles, a Role is differentiated by the access to records, forms, reports, etc. A user is assigned a Role and a Program and that makes the Permission Set.
In other words, a Role is a template for permissions sets to be applied to many users in a program at once, without having to re-create the permission set for each individual user.
If you have any questions or concerns before running the migration, please reach out to our Support team.
*This excludes Apricot for Funders.