What is Data Access Hierarchy?

Data Access Hierarchy controls who can see what data inside SnapApp.

It works by creating data access roles and arranging them in a parent–child hierarchy. This hierarchy decides how data visibility flows from one role to another.

For example:

• A manager can see their own data and their team’s data
• A team member can usually see only their own data
• A top-level role (such as Admin or CEO) can see all data

These Roles and Permissions do not need to exactly match your company’s HR reporting structure. Instead, they should be designed based on who needs access to which data to do their job effectively.

Table of Contents

• Role Changes and Access Behavior
  • Role Limits
  • Hierarchy Depth
  • What Happens When a Role Changes
  • How to Plan Your Data Access Hierarchy
  • Step-by-Step Planning Example
• Hierarchy View and Role Creation
  • Hierarchy View and Adding Roles
  • Hierarchy View
  • + Add New
• Data Access Hierarchy Chart
• Table Columns Explained
• Actions

The Data Access Hierarchy defines how data visibility flows across users and teams within a SnapApp application. It enables controlled, hierarchical access to records, ensuring that higher-level roles can view data owned by roles beneath them, while preserving strict boundaries across parallel teams.

Role Changes and Access Behavior

To keep your SnapApp setup secure, fast, and easy to manage, follow these best practices:

Role Limits

• Default Role Limit
• An organization can create up to 500 data access roles

• This limit can be increased by SnapApp if required

• Internal Data Access Roles

• Recommended maximum: 2,000 roles

• External Data Access Roles

• Recommended maximum: 10,000 roles

Hierarchy Depth

• Keep the hierarchy to 10 levels or fewer
• Deep hierarchies are harder to understand and maintain

A simpler hierarchy makes role management easier and reduces mistakes.

What Happens When a Role Changes

When a user’s data access role is updated, SnapApp automatically adjusts their access.

Here’s what happens behind the scenes:

• All sharing rules linked to the new role are reviewed
• The user gains access allowed by the new role
• The user loses access that is no longer permitted

Important things to remember:

• Users with the same role do NOT automatically see each other’s data
• Data visibility depends on role hierarchy + sharing rules
• Changing roles does not change ownership of data

Always double-check access after changing a user’s role.

How to Plan Your Data Access Hierarchy

Before creating roles, take some time to plan the hierarchy.

The goal is to answer one simple question:

“Who should be able to see whose data?”

Step-by-Step Planning Example

1. Top Level Role
2. Example: CEO, Admin

3. Can see all data in the system

4. Second Level Roles

5. Example: Sales Head, Support Head

6. Can see data related to their department

7. Lower Level Roles

8. Example: Managers, Team Leads

9. Can see their team’s data

10. Individual Roles

11. Example: Sales Rep, Support Agent
12. Can see only their own records

Although this structure may look like an HR org chart, the focus should always be on data access needs, not job titles.

Hierarchy View and Role Creation

This section allows you to create, edit, and manage data access roles.

Each data access role defines:

• What data users can see
• Which role is above it (parent role)
• Which application it belongs to

Every user in SnapApp is assigned one data access role.

Hierarchy View and Adding Roles

Hierarchy View

• Displays the full role hierarchy visually
• Helps you understand:
• Parent–child relationships
• Which roles inherit access from others
• Useful for reviewing and troubleshooting access issues

+ Add New

• Creates a new data access role
• Opens a form where you:
• Name the role
• Select its parent role
• Assign it to an application

Always decide the parent role before creating a new role.

Data Access Hierarchy Chart

This table lists all data access roles in your application.

Table Columns Explained

• Name
• The name of the data access role

• Should clearly describe its purpose

• Parent ID

• The role directly above this role

• This role inherits access from its parent

• Application ID

• The SnapApp application the role belongs to

Actions

• + Add New

• Quickly create a new role from the table view

• Create and manage roles

• Define parent–child relationships
• Control data visibility across users and teams

Note: Effective management of data access roles is essential for maintaining robust security and data integrity within your application. Proper configuration and assignment of roles to users are critical steps in ensuring secure and reliable data management.

Thank you for following these steps to manage your SnapApp access controls (data access hierarchy) settings effectively. If you have any questions or need further assistance, please don’t hesitate to reach out to our support team. We’re here to help you make the most out of your SnapApp experience.

For support, email us at snapapp@bluevector.ai