Managing Users and Access
As an aprity administrator, you control who can access the aprity application and what they can do within it. Access is managed through Salesforce permission sets, profile settings, and the aprity plan's feature entitlements.
Access Model
aprity's access model has three dimensions:
- Permission sets -- Determine whether a user has admin or read-only access.
- Plan entitlements -- Determine which features and tabs are available org-wide.
- Profile and app visibility -- Determine whether the user can see the aprity app in the App Launcher.
Assigning Permission Sets to Multiple Users
For team rollouts, you will typically need to assign permission sets to many users at once.
Using Salesforce Setup
- Go to Setup > Permission Sets.
- Click on Aprity_Admin or Aprity_User.
- Click Manage Assignments.
- Click Add Assignments.
- Use the search and filter options to find users.
- Select all target users and click Assign.
Using Data Loader
For large organizations with hundreds of users:
- Prepare a CSV file with two columns:
AssigneeId(the user's Salesforce ID) andPermissionSetId(the ID of the Aprity_Admin or Aprity_User permission set). - Use Data Loader to insert records into the
PermissionSetAssignmentobject.
Using Salesforce CLI
sf org assign permset --name Aprity_User --on-behalf-of user@example.com
Role-Based Tab Visibility
The tabs visible to each user depend on their permission set:
| Tab | Aprity_Admin | Aprity_User |
|---|---|---|
| Scans | Yes | Yes |
| Doc Browser | Yes | Yes |
| Feedback | Yes | Yes |
| On-Demand Docs | Yes | Yes |
| Generate | Yes | No |
| Schedule | Yes | No |
| Connectors | Yes | No |
| Settings | Yes | No |
Some tabs are additionally gated by your plan. For example, the Schedule tab requires Professional or Enterprise, and the Execution Graph requires Enterprise. Even an Admin user will not see these tabs if the plan does not include them.
Admin-Only Features
The following actions require the Aprity_Admin permission set:
Generate (Launch Scans)
Only admins can initiate new documentation scans. This includes:
- Selecting target objects and metadata types.
- Choosing the output format and language.
- Configuring analysis options (Global Analysis, Business Rule Changelog).
Retry Failed Scans
When a scan fails or completes with errors, only admins can trigger a retry. The retry reprocesses failed work items without restarting the entire scan.
Schedule Configuration
Admins can configure recurring scan schedules:
- Set the scan interval (daily, weekly, bi-weekly, monthly).
- Define the objects and configuration for scheduled runs.
- Enable or disable scheduled scans.
Connector Management
Admins can configure third-party integrations such as Confluence publishing:
- Add or remove connector configurations.
- Test connector connectivity.
- Map documentation outputs to external systems.
Recommended Access Patterns
Small team (1-5 users)
Assign Aprity_Admin to 1-2 Salesforce administrators and Aprity_User to the rest of the team.
Medium team (5-20 users)
- 1-2 administrators with Aprity_Admin
- Business analysts and developers with Aprity_User
- Consider using a Permission Set Group to bundle Aprity_User with other related permission sets.
Large organization (20+ users)
- Create a Permission Set Group that includes Aprity_User alongside your org's standard user permissions.
- Assign Aprity_Admin to a small group of documentation leads.
- Use Data Loader or CLI for bulk assignment.
Revoking Access
To remove a user's access to aprity:
- Go to Setup > Users > Users.
- Click on the user's name.
- In the Permission Set Assignments related list, click Edit Assignments.
- Move the aprity permission set from Enabled back to Available.
- Click Save.
The user will no longer see aprity tabs after their next page refresh or login.
Auditing Access
To see which users have aprity permission sets:
- Go to Setup > Permission Sets.
- Click on Aprity_Admin or Aprity_User.
- Click Manage Assignments to see the full list of assigned users.
This is useful for periodic access reviews and compliance audits.