Assigning Default System Roles and Creating Custom System Roles

Objective

After completing this lesson, you will be able to assign default system roles and configure custom system roles to manage user access and permissions.

Overview of SmartRecruiters Roles

In SmartRecruiters, user rights are determined by a two-level structure:

Each user has a System Role, which defines their system-level access to different features and functionality in the platform, such as configuring the company’s settings, posting jobs, or purchasing ads or services in the Marketplace. System Roles are assigned when someone creates a new user but can be changed later.
A user's Hiring Team Role determines their level of access to certain information about the job and candidates on that job, and the actions the user can take on the job or candidate, such as extending an offer or editing the job’s details. These roles are assigned when the user is added to a job's hiring team. Users can have different roles associated with each job.

SmartRecruiters uses system roles to define the level of access and permissions users have within the platform. These roles fall into two main categories: Default roles (predefined) and Custom roles (user-defined).

Default system roles are preconfigured roles that cover common user types in a recruiting process. In addition, custom system roles can be created where specific names and exact permissions are customized to a customer’s configuration needs and requirements.

SmartRecruiters System roles screen with permissions matrix: Default roles—Admin, Extended, Standard, Basic—across Company settings, Analytics, Report builder, SmartAnalytics, create a job, Hiring team, Access all jobs, Access group (values include Yes/No/Full/View only); Custom roles section with Add a custom role button; Save and Cancel.

Default System Roles

Within SmartRecruiters, there are five default roles created within each system.

Permissions are automatically granted to each of these roles for recruiting-related actions and functions. It is critical to understand what the users assigned to this role can and cannot do.

Admin Role: This is the highest level of system access. An admin can access everything in the system, including all core functionalities, data, and critical system configuration and company settings.
Extended Role: This role is nearly identical to the admin role but with one key restriction: the extended user cannot access the system configuration or company settings. However, they still have full access to recruiting data, jobs, analytics and dashboards for data consumption, but they cannot create reports within the dedicated Report Builder tool.
Standard Role: This user has a high level of operational functionality but restricted system access. A standard user cannot access the system configuration but can view all analytics and shared reports. Importantly, they have the permission to create new jobs. Their data access is limited, requiring them to be added to a hiring team to view a job or in an Access Group to see relevant candidate pipelines.
Basic Role: This is the most restricted operational role (besides the passive Employee role). A basic user has no access to configuration or analytics. Like the standard role, the basic user can only access jobs and candidates when explicitly added to the relevant hiring team or an Access Group.
Employee Role: The employee role is not listed in the System Roles list, as the system will automatically provide permissions to the Employee Career Portal to this system role. This is the only recruiting-related permission that is granted to the employee role and therefore, is not listed in the list of system roles.

Custom System Roles

Custom System Roles allow organizations to create up to 10 new custom system roles with specific, granular permissions tailored to unique business needs that the default roles do not cover. This provides flexibility and ensures data security and compliance by limiting access only to what a user needs to perform their job.

For example, let’s say that a Human Resources Business Partner (HRBP) needs to be able to create reports for jobs and access analytics, but does not need to create jobs and only needs access to certain jobs and candidate data for a specific business unit in a region. This would be a great example of when a custom System Role is needed, as these requirements are not met with the standard System Roles.

When creating a custom role, you will be able to manually assign permissions in the following categories to control access to recruiting-related features and information.

Permissions are typically broken down by module or entity (for example, Candidates, Jobs, Reports, Configuration) and by action:

Company Settings
Analytics
Jobs and Candidates

Category	Description	Permission Types
Company Settings	Control the individual system-related actions and functions a user has access to:	Administration Career Page Setup Templates Configuration Permissions Job Advertising
Analytics	Control the types of reports that a user can have access to.	Report Builder Smart Analytics
Jobs & Candidates	Controls the recruiting-specific job and candidate data that a user has access to. Access Groups allow further filtering of location or organization-specific permissions to be applied to a role.	Create a job Hiring Team Access All Jobs Access Group

Category

Description

Permission Types

Company Settings

Control the individual system-related actions and functions a user has access to:

Administration
Career Page Setup
Templates
Configuration
Permissions
Job Advertising

Analytics

Control the types of reports that a user can have access to.

Report Builder
Smart Analytics

Jobs & Candidates

Controls the recruiting-specific job and candidate data that a user has access to.

Access Groups allow further filtering of location or organization-specific permissions to be applied to a role.

Create a job
Hiring Team
Access All Jobs
Access Group

The following permissions can be assigned to the role for each permission:

No (None)
View Only
Limited
Full

Overview of Permissions for Each Permission Category

Analytics Permissions

Controls the level of access to the Sourcing, Candidate Pipeline, and Hiring Plan dashboards, plus the Analytics Reports.

Permission Type	Description
No	Cannot access Analytics dashboards or Analytics Reports
Yes	Can access all four Analytics dashboards and Analytics Reports

Report Builder

Controls the level of access to the reports generated by an admin with Report Builder.

Permission Type	Description
No	Cannot access Report Builder or read/download the generated reports.
View Only	Cannot access Report Builder or create new reports, but can read and download any reports that are shared with them via an Access List.
Full	Can create, delete, edit and download reports with Report Builder, and share with others.

Create a Job

Controls the ability to create, edit, and cancel jobs and use the Marketplace.

Permission Type	Description
No	Cannot create a job or access the Marketplace via the link in the top navigation bar.
Yes	Can create a job and access the Marketplace via the link in the top navigation bar.

Note

Marketplace access can be removed from the Menu for all users via the Marketplace Control in the Settings.

Hiring Team

Permission Type	Description
Yes	Can access a job and its candidates if part of the hiring team.

Note

All system roles can be added to a hiring team. If a user with the system role Employee is added to a hiring team, they are automatically converted to the Basic system role. However, when/if they are removed from all hiring teams, the system will not convert them back to Employee.

Access All Jobs

Controls access to all jobs.

Permission Type	Description
No	Must be part of a hiring team to access the job and its candidates.
View Only	Can access a job and its candidates, and view only some information, but take no actions (unless the user is a member of the hiring team or Access Group).
Limited	Can access a job and its candidates, view some of its information, and take some actions (unless the user is a member of the hiring team).
Full	Can access all jobs and candidates, view all of their information, and take any action on jobs or candidates.

Access Groups

Controls access to a job and its candidates as a member of the Access Group.

Permission Type	Description
No	Cannot access a job or its candidates if a member of the Access Group.
View Only	Can access a job and its candidates if a member of the Access Group; can view limited information, but cannot take actions against the job or its candidates.
Limited	Can access a job and its candidates, view some information, and perform some actions on the job and its candidates if the user is part of the Access Group. If set to Limited, this permission will supersede Hiring Team Role permissions for users who are members of the Access Group.
Full	Can access all jobs and candidates, view all of their information, and perform all actions on the job and its candidates if a member of the Access Group.

Create a Custom System Role

Creating a custom system role allows organizations to create customized permissions for a user group.

To add a custom system role:

Steps

On the SmartRecruiters home page, click User Menu→Settings.
In the Permissions section, click System Roles.
In the Custom Roles section, click + Add a custom role.
Enter the name of the role. This new role will show up as an option in User Management when adding a new user.
For each area, choose the level of permissions for that role.
Click Save.

Assign System Roles to Users

Once all permissions are configured, the new role can then be assigned to users individually to manage those specific permissions. The assignment process ensures that each user has the correct level of access to perform their specific job functions. This process ensures that a company can closely align system access with its organizational structure and security requirements.

To assign a user a role:

Steps

On the SmartRecruiters home page, click User Menu→Settings.
In the Permissions section, click User Management.
Find the user you wish to modify in the list of users.
To the right of their name and email, select the pencil icon.
Under User role select the role you wish to assign to the user.
Click Save.

Summary

SmartRecruiters uses a two-level role structure: System Roles (defining system-wide access) and Hiring Team Roles (defining access to specific jobs and candidates).
Default System Roles (Admin, Extended, Standard, Basic, Employee) provide preconfigured permission sets for common user types.
Custom System Roles allow organizations to create roles with granular permissions tailored to unique business needs, enhancing data security and compliance.
Custom roles can be configured with varying levels of access to Company Settings, Analytics, and Jobs & Candidates, using permissions like No, View Only, Limited, and Full.
System Roles are assigned to users via User Management in Settings, controlling their access to features and data within SmartRecruiters.

Next lesson