Permissions in Schema Builder allow you to assign access to schemas and scope of actions you can perform (edit the schema structure, adding records to the schema, duplicating, and deleting). It helps you control the contributions to the schema and restrict the access to the defined users.  

## Prerequisites
---
To define schema permissions, you must [create a schema](/docs/assets/schema-builder/creating-schemas) first.

## Permission types
---
You can assign permissions on two levels:
- [General schema permissions](/docs/assets/schema-builder/schema-permissions#general-schema-permissions) - You can assign the access and editing permissions to users for a whole schema.
- [Schema record permissions](/docs/assets/schema-builder/schema-permissions#schema-record-permissions) - You can assign users who can add records to the schema.

## General schema permissions
---

There are four types of general schema permissions:

| Permission type | Explanation                                                        |
|-----------------|--------------------------------------------------------------------|
| Private         | Schema is viewable and editable by its author                      |
| Public          | Every user can view, edit the schema, and add records to it (default)                           |
| Read-only       | Only the author can edit the schema, all other users can view it |
| Restricted      | You can define different permissions for different users and user groups          |


<div class="admonition admonition-important"><div class="admonition-icon"><svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2.5"><path stroke-linecap="round" stroke-linejoin="round" d="M12 8v4m0 4h.01M21 12a9 9 0 11-18 0 9 9 0 0118 0z" /></svg></div><div class="admonition-body"><div class="admonition-content">

Regardless of the selected permission for the schema, only the author or the admin of the workspace can assign or modify permissions.

</div></div></div>


### Defining general schema permissions

1. Go to **Data Modeling Hub > Schema builder**.
2. On the list, find the schema you want to define permissions for.
3. Next to the name of the schema, click the padlock icon.
4. From the dropdown list, select the permission.

<figure><img src="/api/docs/image/54176ad07f146575310749eba44b7c2f42c1b327/docs/assets/_gfx/schema-permissions.png" alt="Assigning permissions to a schema" class="full"><figcaption>Assigning permissions to the schema</figcaption></figure>

## Schema record permissions
---

There are four types of record permissions:

| Permission type | Explanation                                                        |
|-----------------|--------------------------------------------------------------------|
| Private         | Only the author of the schema can add records to the schema, schema records are not visible or searchable for other users                    |
| Public          | All users can add records to the schema                          |
| Read-only       | Only the author of the schema can add records to it, all other users can view the records |
| Restricted      | You can define different permissions for different users and user groups          |


<div class="admonition admonition-important"><div class="admonition-icon"><svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2.5"><path stroke-linecap="round" stroke-linejoin="round" d="M12 8v4m0 4h.01M21 12a9 9 0 11-18 0 9 9 0 0118 0z" /></svg></div><div class="admonition-body"><div class="admonition-content">

Regardless of the selected permission for the schema, only the author or the admin of the workspace can assign or modify permissions.

</div></div></div>


### Defining schema record permissions

1. Go to **Data Modeling Hub > Schema builder**.
2. On the list, find and click the schema you want to define record permissions for.
3. Click the padlock icon on any schema record.  
    <figure><img src="/api/docs/image/54176ad07f146575310749eba44b7c2f42c1b327/docs/assets/_gfx/schema-record-permissions.png" alt="Assigning record permissions to a schema" class="full"><figcaption>Assigning record permissions to the schema</figcaption></figure>
4. From the dropdown list, select the permission. Permission you selected is applicable for all records.  
    <figure><img src="/api/docs/image/54176ad07f146575310749eba44b7c2f42c1b327/docs/assets/_gfx/schema-record-permissions2.png" alt="Selecting record permissions to a schema" class="full"><figcaption>Selecting record permissions to the schema</figcaption></figure>


## User groups and users
---
For the **Restricted** type of permission (general and schema record permissions), you can either define users or user groups and their permission scope.  

### Users

1. Select the **Users** tab.
2. Enter the name or email addresses of users who you want to grant permissions.
2. Confirm your choice by clicking **Add user**.
3. In the table below, select permissions for the selected users.  
    - **Execute** to complete actions such as editing the schema or adding records to the schema.
    - **Read** to preview schema or records in schema.  
    - **Edit** to edit the structure of the schema and schema records.
    - **Delete** to delete schemas or schema records.
4. Confirm by clicking **Apply**.

<figure><img src="/api/docs/image/54176ad07f146575310749eba44b7c2f42c1b327/docs/assets/_gfx/schema-users.png" alt="Assigning record permissions to a schema" class="full"><figcaption>Assigning record permissions to the schema</figcaption></figure>

### User groups


The users groups are sourced from **Settings > Roles**.  
    
<div class="admonition admonition-note"><div class="admonition-icon"><svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2.5"><path stroke-linecap="round" stroke-linejoin="round" d="M13 16h-1v-4h-1m1-4h.01M21 12a9 9 0 11-18 0 9 9 0 0118 0z" /></svg></div><div class="admonition-body"><div class="admonition-content">

You can read more about Roles [here](/docs/settings/identity-access-management/permissions).

</div></div></div>


1. Select the **User groups** tab.
2. Click the user group or user groups for which you want to define the permissions.
3. In the table below, select permissions for the selected users.  
    - **Execute** to complete actions such as editing the schema or adding records to the schema.
    - **Read** to preview the schema or records in the schema.  
    - **Edit** to edit the structure of the schema and schema records.
    - **Delete** to delete schemas or schema records.
4. Confirm by clicking **Apply**.  

<figure><img src="/api/docs/image/54176ad07f146575310749eba44b7c2f42c1b327/docs/assets/_gfx/schema-user-groups.png" alt="Assigning record permissions to a schema" class="full"><figcaption>Assigning record permissions to the schema</figcaption></figure>

If there are users who are assigned with permissions as individuals and they belong to a user groups with different set of permissions at the same time, the user group permissions are applicable then.


<div class="admonition admonition-important"><div class="admonition-icon"><svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2.5"><path stroke-linecap="round" stroke-linejoin="round" d="M12 8v4m0 4h.01M21 12a9 9 0 11-18 0 9 9 0 0118 0z" /></svg></div><div class="admonition-body"><div class="admonition-content">

The change of permissions can take up to 5 minutes.

</div></div></div>