Teams
Collaborate on projects with other Form.io users.
Last updated
Collaborate on projects with other Form.io users.
Last updated
The Teams feature allows multiple developers and form builders to collaborate and have access to Projects and Stages. Any user on the platform can create a new team and assign it to a project they own or administer. After a team is created, Form.io users can be assigned to it, granting them access to the projects and stages associated with that team.
Below is an overview of the Project and Stage level permissions, the difference between those levels, and what kind of permission levels those Teams can carry.
Project level Teams are added to the entire Form.io Project, granting users assigned to that team permission rights to all stages within the project, including the live stage associated with your live application.
Alternatively, teams can be added to specific stages, restricting their permission rights to other stages within the project. Stage Teams are utilized when you want to delegate team permission to a specific stage, e.g. Developer stage, while restricting that team from accessing the Live stage connected to your live application or other stages within the project.
It's important to understand that a team added on the Project Level will always override that same team added on the Stage level. Meaning, if 'Team A' is added to the Project with Admin permissions, and that same Team A is added to a Stage with Write permissions, the Admin permissions at the Project level will be applied to all stages within the project and override the Stage Write permission.
In other words, Stage teams are never additive to the Project Level. A Stage Team does require that same team added on the Project level with Access permissions. Once the Team has Access permissions to the project, Team Read / Write permissions can then be delegated to the desired Stage.
Follow the links below for a walkthrough on adding Project and Stage Teams
Project Teams Walkthrough | Stage Teams Walkthrough
Team Permissions are granted on the Project or Stage levels. The Access and Admin permissions are reserved for Project-level permissions only. Before a Stage Team can be added, a Project level team must be added with Access permission.
To create a Team, click the Team button in the left-hand navigation bar on the main Portal page. There are two types of Teams that can be created and managed. The first type adds Form.io users to the Team using the User's Form.io email address saved to the User Resource within the Portal Base project or registered using the SaaS offering. The second method utilizes your a SSO Provider that has been configured for the Portal environment. The SSO Team can automatically map Users with specific SSO roles to specific Form.io Teams within the deployed environment. The following sections will document how to create and manage a team using both methods:
Teams created using this method will include users saved to the User Resource (for self-hosted environments). If the Form.io SaaS model is being utilized, team members will be added using the Email address the Team Member used when registering with on the Form.io platform.
Teams are managed using the Team Resource within the Portal Base project.
From the main portal page, click the Teams tab on the left-hand navigation bar
Click the +Create Team button
Input a Team Name
Click Submit to create the Team
After creation, you’ll be redirected to the Teams page where you can add members to the team. When utilizing the deployed solution, the user must first be saved to the User Resource within the Portal Base project. For the SaaS model, team members must be registered users with Form.io before being added to a Team
Deployed Environments - Team Members must be created within the User Resource of the Portal Base Project SaaS - Team members must be registered users with Form.io before being added to a Team
Click the +Add Member button
Input the User email address saved to the User Resource or registered to the SaaS platform.
Click the Submit button to add the User to the Team The user will then receive a Team Invite within the Team section of their main Portal page.
Adding a Team Member does NOT send an invitation email to the user. Instead, invites are accepted by the Team Member by logging in to their main Portal Page and accepting the invite from the Teams section.
Once a team member has been added, the member will be displayed on the Team View page. This member will not have access to the Team or Projects the Team has been assigned to until they have accepted the Invitation. Members who have not accepted the team invite will have a yellow "Invitation Pending" tag displayed under their email address
To accept a Team invitation, the invited Team Member should log in to the main portal page and click the Teams button in the left-hand sidebar.
Click Accept Invitation to join the Team
After accepting the invite, Projects assigned to the team will be displayed for the user on the main Portal page
Clicking Reject will remove the user from the Team
If you wish to map this team with an SSO Role, tick the SSO Team checkbox during the Team creation process. This SSO Team setting will communicate to the API platform this team should be mapped with SSO roles and users. For more information on SSO integration, please visit the Portal SSO documentation.
From the main portal page, click the Teams tab on the left-hand navigation bar
Click the +Create Team button
Check the SSO Team button
Input a Team Name The Team name should match the role from the SSO provider associated with the SAML users you want to add to the team.
Click Submit to create the Team
SSO Team Members
When using SSO, it is not necessary to add individual SSO users to the Team since that will be handled automatically through the authentication process. Any SSO user authenticating will automatically be added to the Team name correlated with their SSO role of the same name.
For more information on SSO integration, please visit the Portal SSO documentation.
Individual SSO users can still be added by inputting the SSO user email address when adding a Team Member. This is additive to the Team / SSO Role mapping.
Make sure the SSO Team option is unchecked to enable the addition of individual SSO users
Click the +Add Member button
Input the SSO user email address and click Submit
Ensure the SSO Team setting is checked after adding individual users
SSO Team Members are not required to accept a Team invite and will automatically be added to the Team when the SSO Team setting is active.
Team Owners can elevate regular Team Members to the role of Team Admin. As Team Admin, this member will carry additional permissions for managing the team, such as adding or removing members. Team Admins/Team Owners do not have any additional permissions for the projects assigned to the team. Their Team Admin rights are limited to managing team membership.
Within the Team Modal, click the gear icon next to the Team Member
Click the Make Team Admin button
The User tag will change from Team Member to Admin
Team Admin Permissions:
Add Team Members
Remove Team Members
Delete Team
Once a Team has been created, the Team will be available for Project assignment. Only Project Owners or Project Admins can assign or remove Teams to a Project.
As a Project Admin or Owner, navigate to the Project you wish to assign a Team
Click the Teams button in the left-hand navigation bar
Click the Add a team dropdown and select a Team to add to the Project.
Users can only add Teams they own or a member of
After adding a team, select the permissions the team members should have. All Team Members associated with the Team will carry the selected Permission. Once a team has been assigned, all members of that team share the same assigned permissions. You can assign multiple teams to a single project for more control over different Teams.
Teams can also be added to specific Stages within a project. Stage Teams are necessary if a user should have Team permissions for a specific stage (e.g., Development Stage) but should not have access to the Live (Production) stage or other Stages within the Project.
Before a Stage Team can be assigned, the Team must first have access to the Project.
Project Access
Click the Team tab in the left-hand navigation menu within the Project
Add the Team from the Team dropdown
Set the Team Permission to Access
The Team will now have access rights to the project and can be added to a specific stage
Adding Stage Team
Click the Stage dropdown within your Project and select the Stage the Team should be added
Click the Access tab within your Stage
Select a Team from the Add a team dropdown
Set the Permission for the Team
Save the settings
Once the Stage Team has been added, users assigned to the Member team will see the Project on their Portal home page.
Log in as a Team Member
Open the Project from the main portal page The user will be presented with a message stating they only have Access to the Project
You have been granted access to this project in order to access some stages. Please use the stages tabs to access a stage you have access to.
Click the Stage dropdown and select the Stage for which the Team has Stage Permissions, in this case, the Development stage.
Team Members will have permissions rights configured for the team after clicking the Stage.
This method is used to split up different teams between stages giving granular permissions to the Project dependent on the Team Member. Specific teams would only have access to certain stages depending on the team's functionality and purpose (think Dev, Stage, Prod deployment workflows). These different stages would eventually be deployed to the main Live stage for production use.
Click here for more information on how Stages are leveraged.
Project Access
Grants team members access to a Project without giving any functional permission to read or modify. Project Access permission is granted to users who need Read, Write, or Admin permissions for a specific Stage, while being restricted from accessing the Live stage or other stages within the Project
Project | Stage Read
Grants team members permission to read forms and submission data on the Project or Stage level. Forms and data cannot be modified.
Project | Stage Write
Grants team members permission to read and update both forms and submissions on the entire Project or Stage level. This permission restricts access to the project's settings, configurations, and other sensitive information found in the Project/Stage setting tab.
Project Admin
Grants full access to the Project and Stage settings, configuration, and sensitive data configurations within the Settings tab.
Project Access
Provides the user access to a Project without giving any functional permission to read or modify. Project Access permission is granted to users who need Read or Write permissions to a specific Stage, while being restricted from accessing the Live stage or other stages within the Project
Project Read
Grants team members permission to read forms and submission data on the Project level. Forms and data cannot be modified.
Project Write
Grants team members permission to read and update both forms and submission data on the entire Project level. This permission restricts access to the project's settings, configurations, and other sensitive information found in the Project/Stage setting tab.
Project Admin
Grants Read and Write permissions, as well as full access to the Project and Stage settings, configuration, and sensitive data configurations within the Settings tab.
Stage Read
Grants team members permission to read forms and submission data on the Stage level. Forms and data cannot be modified.
Stage Write
Grants team members permission to read and update both forms and submission data on the Stage level.
