How to customize user permissions and access levels in Bigtincan

If you’ve ever tried to wrangle a team into a new platform, you know: user permissions are where things get real (and messy). If you’re the one responsible for who can see, edit, or break what inside Bigtincan, this guide is for you. I’ll walk you through how to actually set up and customize user permissions—what works, what’s confusing, and where to watch out for gotchas. No fluff, just clear steps and practical advice.

Why Permissions Matter (and Why Bigtincan’s Aren’t Plug-and-Play)

Let’s get this out of the way: Bigtincan’s permission system is powerful, but it can be a headache if you try to wing it. Permissions affect:

  • Who can see (or accidentally delete) content
  • Who can upload, share, and edit files
  • Who can manage users and settings

Mess up permissions and you’re chasing support tickets for weeks. Get them right, and people just get on with their work.

Step 1: Understand Bigtincan’s Permission Model

Before you dive in, you need to know how Bigtincan thinks about users and permissions. Here’s the basics:

  • Users: Anyone with a login.
  • Groups: Collections of users, often mapped to teams, departments, or roles.
  • Roles: Bundles of permissions (what a user/group can actually do).
  • Access Levels: Sometimes called “capabilities” or “rights”—these control what users/roles can do inside specific parts of the platform.

Pro tip: Don’t assume “Admin” means full access everywhere. Bigtincan can get pretty granular, so always double-check what a role actually allows.

Step 2: Map Out What You Actually Need

Resist the urge to dive into the admin panel right away. Grab a notepad—or a whiteboard—and sketch out:

  • What teams or job functions exist? (Sales, Marketing, Legal, etc.)
  • Who needs to just view content? Who needs to edit or upload?
  • Are there “must-not-see” areas? (Sensitive docs, HR files, etc.)
  • Who needs admin power…and who really doesn’t?

You’ll save hours cleaning up later if you get this clear before clicking anything.

Step 3: Set Up User Groups

Bigtincan works best when you organize users into groups before assigning permissions. Here’s how to do it (and what to avoid):

  1. Log in as an Admin.
  2. Go to the Admin Console.
  3. Find User Management > Groups.
  4. Click Create Group.
  5. Name your group (e.g., “Sales Team” or “External Partners”).
  6. Assign users to the group.

What works:
- Group your users by function, not by name—otherwise you’ll have to redo everything when people leave or change roles. - Keep group names obvious; avoid inside jokes or cryptic codes.

What to ignore:
- Don’t bother with a group for every single possible variation (like “Sales Team – West Coast, Floor 2, Desk 4”). Start broad; you can always add detail later.

Step 4: Create and Customize Roles

Now it’s time to create roles that match the real-world responsibilities you mapped out.

  1. In Admin Console, go to Roles or Role Management (the name can vary).
  2. Click Add Role.
  3. Give your role a clear, descriptive name (“Content Editor”, “Viewer”, “HR Admin”, etc.).
  4. Assign permissions:
  5. View: Can see content
  6. Edit: Can change content
  7. Upload: Can add files
  8. Delete: Can remove files
  9. Share: Can send or publish content to others
  10. Manage Users: Can add/remove users or groups
  11. Admin: Full platform control

Be careful:
- Avoid giving out “Admin” rights unless you’re sure someone needs it. Too many admins = chaos. - Don’t create a unique role for every single person. Stick to roles that at least a handful of people will use.

Step 5: Assign Roles to Groups and Users

With your groups and roles defined, it’s time to connect the dots.

  1. Still in Admin Console, go to Group Management.
  2. Select a group.
  3. Assign one or more roles to that group.
  4. If you need to, assign roles directly to individual users (but only for genuine exceptions).

Good practice:
- Assign most permissions at the group level. Only use direct-to-user assignments if you have a strong reason—otherwise you’ll lose track fast. - Document exceptions somewhere outside Bigtincan (spreadsheet, notebook, whatever). You’ll thank yourself later.

Step 6: Fine-Tune Access to Content

Bigtincan lets you control access not just at the user level, but down to files, folders, or “channels.” Here’s what matters:

  • Folders/Channels: You can often set view or edit rights for specific groups/roles.
  • Files: Sometimes you can restrict individual files, but this gets messy fast.
  • Smart Rules: Some Bigtincan setups let you use rules to grant access based on metadata, region, or department.

What works:
- Set folder/channel-level permissions for most things.
- Use file-level restrictions only for truly sensitive content.

What to ignore:
- Don’t micromanage every single file unless your company is in a highly regulated industry.
- If you find yourself making endless exceptions, your group/role structure probably needs rethinking.

Step 7: Test (and Break) Your Setup

This is the step most admins skip—and regret it.

  1. Create or use a test user in each group/role.
  2. Log in as those users (or use “preview as” if Bigtincan offers it).
  3. Try to:
  4. View content they should see
  5. Access content they shouldn’t see
  6. Upload, edit, or delete files (if their role allows)
  7. Try admin actions (if applicable)

What works:
- Actually log in as a normal user, not just as an admin. Permissions can look different from the user side. - Ask a few trusted team members to try things and tell you if they hit any walls.

What doesn’t:
- Don’t trust the settings page at face value. Always double-check by acting like a regular user.

Step 8: Make Changes—But Keep It Simple

You’ll get requests for exceptions. Someone will want their own special permission. Here’s how to handle it:

  • Stick to group-based permissions unless you absolutely have to go custom.
  • Review permissions every few months—especially after any big team changes.
  • If things get tangled, don’t be afraid to wipe out a group or role and rebuild. It’s usually faster than endless tweaks.

Honest Takes: What Works, What’s Overkill

What works well: - Using groups and roles to keep things organized. - Testing your permission setup before going live. - Training your admins to resist “just one exception” requests.

What’s overkill: - Micromanaging every file or permission. - Creating 20+ roles for tiny variations. Nobody can keep that straight. - Letting too many people have admin rights.

What to ignore: - Fancy-sounding “automation” unless you have a clear use case. Most teams won’t need it. - Overly complex “dynamic” permissions. Start simple; only add complexity if you keep running into limits.

Wrapping Up: Keep It Simple, Iterate Often

Getting permissions right in Bigtincan isn’t rocket science, but it does take some planning and a willingness to say no to endless exceptions. Start with broad groups and roles, test with real users, and keep your structure as simple as possible. If you need to adjust, adjust—but don’t fall into the trap of overcomplicating things. The less you have to tinker, the more your team can actually get work done.