Overview

Operating gives you flexible control over what users can access and do within the workspace. Permissions are managed through permission groups, which you can customize to match your organization’s roles and responsibilities.

Key Principles

• You can create as many permission groups as you need. Let us know if you need more via chat or by mailing support@operating.app.

• Every user must belong to one permission group.

• By default, Operating includes three permission groups, including a non-editable Admin group.

Assign users to permission groups in Settings → Users.

Admin Permissions

The Admin group is a built-in permission set that cannot be removed or modified. Admins have full access to all settings, data, and actions in the workspace.

There are no hardcoded limits to what you can permit or block (except that the Admin group cannot be deleted or modified). Every other group can be tailored to reflect real responsibilities — from consultants to team leads, finance, or operations.

Feature access

First of all, you can choose which areas / features in Operating are visible to people. A word of warning: if your colleagues see very different things in Operating, they may think of the app in very different ways – for example, it might not be clear to everyone that it’s connected to your sales pipeline, if you don’t let them see the Horizon.

We recommend erring on the side of “too much information”: if people are curious about the capacity reports and all that, let them be. They might learn a thing or two about how your business works.

People, projects and clients

These settings control which things are visible in the app. If you limit the access to people or projects, all reports will only show the limited results. Thus, if people (e.g. managers) need to have a big-picture understanding of how the business is doing, do not limit access. On the other hand, if you have users that are expected to track time and nothing more, these options let you keep their scope to the relevant minimum.

The concept of ownership in Operating permissions

There are different kinds of owners for Projects. All different owners have access to projects (and the Client Owner has access to all projects for that Client).

The “reports to” manager relation in Operating

In order to handle who should be able to see whose time entries, and for easy filtering of “all of my people”, we provide the option to add a “reports to” field for each person. When the Reporting structure feature is in use, any Person may have a manager’s name set in their profile under “Reports to”.

In order to prevent problems with permission limitations, we have decided that a person will always see the people who report to them. The manager will also see all of the things that the person who reports to them sees. In order for a supervising manager to do their job, they need to see what their people are up to. Please reach out to support@operating.app if you have questions related to this logic.

The concept of membership in Operating permissions

For some permission settings, you can choose to allow things based on project membership.

When a user is added to a project team setup (named to work in a position), they gain membership in it and can see all other people on the project. Project owners, secondary owners, client owners and invoice owners will also have access to the projects under their management.

Project-related data

Allocations and Positions (resourcing plans)

Time Entries

These settings are applied to time tracking data created using Operating Hours or data imported from any external source.

Please note that editing time entries may have direct consequences to payroll and other important processes, so the safest way to handle most situations is to ask the person to edit their own timesheet. If the time entries are not exactly what you’re able to invoice your client, you can also edit the invoice (amounts and content), and keep the time entries as is.

Financials (rates, costs, margins)

In order to see the top-line numbers, you need to have access to rates and revenue.

In order to see how much gross margin a project is generating, you must have access to both revenue and costs. At the moment (August 2025), there is no half-way setting to allow “a little bit of profitability information but not what the personnel costs are”.

Company-wide administration

These settings toggle access on/off to manage and administrate your organization-level settings. Our best practice recommendation is to keep these open while you explore and test how Operating might best work for you, but once you have laid out the structure, leave modifying these to the admins. If creating new skills and tags is free-for-all, you will end up with lots of synonyms and overlap.

Naturally, refreshing integration-related data and importing data may be extremely relevant for people who own those processes, even if they are not Operating admins.

Default Permission Set

When a new user joins your Operating workspace, they are automatically assigned to a default permission group.

By default:

• New users are given the Admin permission set (or whichever group is currently marked as default).

You can change this:

• Go to Settings → Permissions

• Open the permission group you want to use as default

• Check the option: “Default permission set”

Customize the permissions for your needs

• Permission Groups:

  • Default groups: The system includes pre-filled permission groups, which by default are named "Admin," "Manager," and "Employee."

  • Renaming: Permissions groups can be renamed to suit specific organizational needs.

  • You may add new permission groups as you see fit.