Apricot has two distinct permission models for managing user access and data security: Legacy Permissions and Role-Based Permissions. This overview focuses on the Legacy Permissions model, which gives administrators granular control over what user groups can access in Apricot.

The foundation of Legacy Permissions is the permission set. These let you decide which Forms, Reports, Bulletins, Shared Files, and Referrals users can access in each Apricot program. You can then assign these permission sets to individual users to grant the appropriate access. For standard users, you can give them more Administrative Access to expand their capabilities beyond their base Permission Set. Permission Sets and Advanced Access work together to determine what programs records are assigned to upon creation and what forms users are able to interact with.

Other features within Legacy Permissions include setting up Guest User accounts to give limited Apricot access, and Program IP restrictions to only allow access to Apricot from certain network locations. You can further refine data access with User Record Level Access, which restricts users' ability to view, edit, or delete specific records that aren't assigned to or created by them.

You'll find these Legacy Permissions features within the Access Control category of Apricot's navigation bar, where administrators can configure user accounts on the Users page and permission sets along with other access settings on the Sites & Programs page.

The following sections of this overview article will dive deeper into each of the key Legacy Permissions components and share some tips to help you get the most out of this permission model.