CollabPortals

Role-Based Access Control

How to set up roles in CollabPortals so different users see different tables, fields, and views in the same portal.

Overview

Role-based access control (RBAC) lets one portal show different things to different people. Instead of a single setup for everyone, you point CollabPortals at a field in your Airtable table that holds each user's role, then configure the portal separately for each role. Roles can differ on more than permissions: each role has its own tables, fields, views, filters, and sorting.

How Roles Work

Each role has its own complete configuration of the portal:

  • Table permissions (view, create, edit, delete per table)
  • Field permissions (hidden, view-only, editable, required per field)
  • Record filters, view layout, sorting, and the record name field

When a portal user logs in, CollabPortals reads their role from your Airtable table and applies that role's configuration. If their role is empty, or doesn't match a configured role, they fall back to the Default role.

Setting Up Roles

  1. 1

    Add a role field to your Airtable table

    Add a field to the table that holds your portal users (the same table you use for their email login). It needs to be a single select field, or a linked record field. For example, add a "Role" field with values like "Technician" and "Stage Manager". The values in this field become your roles.

    An Airtable Contacts table with a single select Role field, showing John Smith as AV Technician and Sarah Bushby as Stage Manager
    The Contacts table in Airtable, with a single select Role field. Each contact's value becomes their role in the portal.
  2. 2

    Point CollabPortals at the field

    In your portal's Setup tab, scroll to the bottom to the Role Field (Optional) dropdown and select your role field. Only single select and linked record fields from your user table appear here. Selecting one turns on roles and creates a Default role automatically.

    The portal Setup tab with the Role Field dropdown open, showing the Role field selected from the user table
    The Role Field setting at the bottom of the Setup tab. Only single select and linked record fields appear.
  3. 3

    Configure the Default role

    Once a role field is set, every table's configuration shows a role bar across the top with Default selected. The Default role is the baseline everyone gets, so set it up first. For example, in an event crew portal you might disable the Documents table for the Default role so the wider crew can't see it.

    The Documents table configuration with the role bar showing Default, and the table's Enabled toggle switched off
    On the Default role, the Documents table is switched off, so most of the crew never sees it.
  4. 4

    Add a role on top of the default

    Click the + (Add role) on the role bar and pick one of your roles. The role bar lists the values from your field, so the names always line up. A new role starts as a copy of the Default, so you only change what should be different. Carrying the example forward, you would add a "Stage Manager" role and enable the Documents table just for them. You can override anything per role here, not only permissions: tables, fields, views, filters, and sorting.

    The role bar now showing a Stage Manager role added next to Default, with the Documents table configuration open
    Add a Stage Manager role on the role bar. It starts as a copy of the Default, ready to enable the Documents table.
  5. 5

    Preview as each role

    Use the portal preview to view it as different users and confirm each role sees the right thing. Preview as a technician and the Documents table is hidden; preview as a stage manager and it appears.

    The portal previewed as a technician, whose sidebar lists Profile, Events, Crew Assignments and Team but no Documents
    Previewed as a technician (the Default role): the sidebar has no Documents table.

The values in your role field must match the roles you configure. If a contact's role is "Stage Manager", you add a role called "Stage Manager". Because the role bar lists the values straight from your field, they always line up.

Default Role

The Default role is created for you the moment you set a role field, and it is the fallback. Any user whose role is empty, or whose role value doesn't match a configured role, gets the Default. Every new role you add starts as a copy of the Default, so you only adjust what differs.

Configure the Default role as the most restrictive baseline, then open things up for specific roles. That way a missing or misspelled role value gives a user minimal access rather than too much.

Example: an event crew portal

The video above walks through this setup. An event crew base has a Contacts table with a "Role" field (values like Technician and Stage Manager) and a Documents table that most of the crew shouldn't see.

  • Default role: the Documents table is disabled, every other table stays visible. Technicians, and anyone without a matching role, get this.
  • Stage Manager role: a copy of the Default, but with the Documents table enabled to view and edit.

Preview as a technician and the Documents table is hidden. Preview as a stage manager and it appears, editable. Everything else about each page, from views to field permissions, can be tailored the same way.

The portal previewed as a stage manager, with the Documents table open and showing call sheets, schedules and contracts
Previewed as a stage manager: the Documents table is now in the sidebar and fully visible.

Another pattern: viewer, editor, admin

A common three-role setup for content-style portals:

Viewer

  • Can view all tables
  • Cannot create, edit, or delete
  • All fields are view-only or hidden

Editor

  • Can view and edit all tables
  • Can create records
  • Cannot delete records
  • Key fields are editable, sensitive fields are view-only or hidden

Admin

  • Full access to all tables (view, create, edit, delete)
  • All fields visible and editable
  • Can see internal fields that other roles can't

Use Cases

Roles show up across most portal types. See them applied in client portals, retail operations portals, and membership management portals.

Client Portal with Different Client Tiers

  • Standard clients can view their projects and create requests
  • Premium clients can also edit project details and see additional fields

Team Collaboration

  • Team members can view and edit tasks assigned to them
  • Managers can create and delete tasks, and see reporting fields
  • Stakeholders have view-only access to project summaries

Data Collection

  • Submitters can create new records and view their own submissions
  • Reviewers can edit records and update status fields
  • Admins can delete records and see all fields

Without Roles

If you don't set up roles, all portal users share a single setup. This is perfectly fine for simple portals where everyone needs the same access. You can always add roles later without disrupting existing portal users.

Next Steps