Configuring Permissions and Profiles

Estimated reading: 3 minutes 86 views

Introduction

One of the most important aspects of maintaining a secure and efficient HR system is configuring permissions and user profiles correctly. In Zoho People, permissions control what users can do, while profiles manage what users can see—giving you full control over access to sensitive HR data and functionality. 

This guide walks you through how to set them up, step by step. 

What Are Permissions and Profiles?

  • Permissions: Define what actions a user can perform (e.g., view, add, edit, delete) within specific forms or modules.
  • Profiles: Define what forms and fields a user can access or see in the Zoho People interface

By customizing both, you can enforce data security, support department-specific access, and reduce clutter for end-users. 

Step 1: Access User Access Control

  • Log in as an Admin.
  • Go to the Settings (gear icon).
  • Under User Access Control, choose: ).
  • Profiles to manage what users can see.
  • Permissions to manage what users can do.

Step 2: Creating a Custom Profile

  • Navigate to Settings → User Access Control → Profiles.
  • Click "+ Add Profile".
  • Name your profile (e.g., "HR Executive", "Finance Viewer").
  • Choose the forms and modules you want to allow access to.
  • Enable/disable visibility of:
  • Employee Forms (e.g., Personal Info, Salary Info)
  • Modules (e.g., Leave, Attendance, Performance)
  • Settings (for HR or Admin users)

Tip: Profiles are great for hiding confidential forms like salary or performance from general users. 

Step 3: Assigning a Profile to a User

  • Go to Users under the Settings menu.
  • Select a user.
  • Under "Access Details", choose the appropriate Profile from the dropdown.
  • Click Save.

The user will now only see forms/modules based on that profile. 

Step 4: Configuring Permissions

  • Go to Settings → User Access Control → Permissions.
  • Click “+ Add Permission Set”.
  • Name your permission set (e.g., “Leave Admin”, “View Only Payroll”).
  • Select the module (e.g., Leave Tracker, Employee Form).
  • View , Add , Edit , Delete , Export .
  • For each field in the form, define whether it's:

Example:

For a “Manager” role, you may allow:

  • View and Edit of employee leave records
  • View only for salary details

Step 5: Assigning Permission Sets

  • Go to Users.
  • Choose a user or group.
  • Under their access settings, assign the relevant Permission Set.
  • Click Save.

Step 6: Testing and Reviewing Access

After assigning profiles and permissions: 

  • Log in as that user (or ask them) to verify visibility and actions.
  • Make sure critical forms like salary or evaluations are restricted where needed.
  • Run an Access Summary Report to see role-wise access.
  • Set up notification rules for agents and contacts
  • Enable customer happiness ratings to collect feedback

Best Practices

  • Use default roles for common users (Admin, HR, Manager, Employee).
  • Create custom profiles for department-specific views.
  • Review permissions quarterly or after any major HR policy changes.
  • Use field-level permissions to protect sensitive data like ID numbers, pay, and personal documents.
  • Don’t forget to revoke access when employees exit or change roles.

Related Articles

Setup Basics - Previous Adding Users and Roles

Leave a Reply

Your email address will not be published. Required fields are marked *

Learn how we helped 100 top brands gain success