Control who can see, create, edit, and delete information in your Tractian platform by setting up permission profiles. This article walks you through the default profiles, how to create new ones, and how to configure granular permissions for each role.
Before You Start
You must have Administrator access to the Tractian platform.
You need access to the Settings area in the left-side menu.
Make sure you know which platform modules your team uses (CMMS, Monitoring, or both), since permissions are configured per module.
Understanding Default Profiles
Tractian comes with predefined permission profiles that serve as starting points. You can find them under Settings > Permissions.
The available default profiles depend on which modules your company uses:
CMMS Profiles | Monitoring Profiles |
Administrator | Administrator |
Planner | General Access |
Technician | Viewer |
Requester |
|
Viewer |
|
Each profile has a preset combination of permissions. Here's a general overview of what each CMMS profile can do:
Profile | Typical Access Level |
Administrator | Full access to all modules, settings, and user management. Can create, edit, and delete any record. |
Planner | Can create and manage work orders, service plans, and schedules. Cannot change platform settings or manage users. |
Technician | Can view and fill in work orders assigned to them. Limited creation and editing capabilities. |
Requester | Can submit work order requests. Cannot access planning or configuration features. |
Viewer | Read-only access. Can see records but cannot create, edit, or delete anything. |
💡 Tip: These default profiles cannot be deleted, but you can create custom profiles based on them to match your team's specific needs.
How to Create a New Permission Profile
Follow these steps to create a custom role:
In the left-side menu, click Settings.
Click the Permissions tab.
Click the + Add Profile button in the top-right corner of the page.
In the Profile Name field, type a descriptive name for the new role.
Example: "Maintenance Coordinator", "Shift Supervisor", "External Contractor".
In the Base Profile dropdown, select an existing profile to use as a starting point. The new profile will inherit all permissions from the base profile.
Important: You can only create a new profile based on a profile of equal or higher access level. For example:
✅ You can create a "Coordinator" profile based on Administrator.
❌ You cannot promote a Requester or Viewer base profile to have Planner or Technician level permissions.
In the Restrict by Location setting, choose the access scope:
All locations: The profile will have access to data from every location/site in your company.
Specific location: The profile will only see data from the selected location. Select the location from the dropdown that appears.
In the Platform Modules section, check the boxes for the modules this profile should access (e.g., CMMS, Monitoring).
Click Save to create the profile.
After saving, the new profile appears in the profiles list on the Permissions tab. You can now configure its specific permissions (see the next section).
How to Configure Permissions for a Profile
Once you create a profile, you need to define exactly what users with that profile can do in each module.
In the Permissions tab, click the name of the profile you want to configure.
You will see permission tabs organized by module: General, Monitoring, and CMMS.
Click a tab to see the list of features and records available in that module.
For each feature or record type (e.g., Work Orders, Assets, Service Plans), select which actions this profile can perform. The available action types are:
Action | What It Allows |
View | See the contents of records and fields. |
Access | Open the page and interact with its features (navigate, filter, search). |
Create | Add new records (e.g., create a new work order). |
Edit | Modify existing records. |
Delete | Permanently remove records. |
Fill | Enter information into required fields (e.g., fill in a checklist on a work order). |
For actions like View, Edit, Delete, and Fill, you also need to choose the permission level, which controls whose records the user can act on:
Permission Level | What the User Can Act On |
Permission I | All records — regardless of who created them or who is responsible. |
Permission II | Records where the user is related in one of these ways: (a) they created the record, (b) they are directly responsible, (c) they are a member of the responsible team, (d) they are on the creator's team, or (e) they are on the team of the person assigned as responsible. |
Permission III | Records where the user is: (a) the creator, (b) the directly responsible person, or (c) a member of the responsible team. This is the most restrictive level. |
💡 Tip: Use Permission III for technicians who should only interact with their own work orders. Use Permission I for supervisors who need visibility across the entire team.
Click Save after configuring all permissions.
Action Dependencies
Some actions require other actions to be enabled first:
To enable Edit or Delete on a record type, the profile must also have View permission for that record type. You cannot edit what you cannot see.
The Access action is independent. You can enable or disable page access without affecting View, Edit, or Delete permissions on individual records within that page.
Important: If you remove View permission from a record type but leave Edit enabled, the user will not be able to edit because they cannot see the record. Always verify that dependent permissions are consistent.
How to Edit an Existing Profile
In the left-side menu, click Settings.
Click the Permissions tab.
In the list of profiles, click the name of the profile you want to change.
Click the Edit button.
Make the necessary changes to the profile name, location restriction, modules, or individual permissions.
Click Save to apply your changes.
Important: Changes take effect immediately for all users assigned to that profile. If a user is currently logged in, they may need to refresh their browser or log out and log back in to see the updated permissions.
How to Assign a Profile to a User
After creating and configuring a profile, you need to assign it to the appropriate users.
Go to Settings > Users.
Find the user you want to update and click their name.
In the user's profile settings, select the new permission profile from the Role or Profile dropdown.
Click Save.
Frequently Asked Questions
Can I delete a default profile?
No. The default profiles (Administrator, Planner, Technician, Requester, Viewer, General Access) cannot be deleted. You can only create new custom profiles based on them.
Can I duplicate a custom profile?
Yes. When creating a new profile, select your custom profile as the Base Profile to start with the same permissions, then adjust as needed.
What happens if I edit a profile that is already assigned to users?
The changes apply immediately to everyone using that profile. Review the impact before saving.
A user says they cannot see a page. What should I check?
First, verify that the Access action is enabled for the relevant module page. Then, check that the View permission is enabled for the specific record types on that page. Finally, confirm the permission level (I, II, or III) allows them to see the records in question.
Can I restrict a profile to multiple specific locations (but not all)?
Check your current platform version. If the location restriction only allows "All" or one specific location, you may need to create separate profiles per location. Contact Tractian support if you need multi-location restrictions.