Access Control (Roles and Permission Groups)
The Conga Advantage Platform uses a flexible and layered security model to manage user access across applications. This model is primarily based on Role-Based Access Control (RBAC) and is enhanced with record-level controls, including Property-Based Access Control (PBAC). Together, these capabilities help administrators define what users can do (permissions) and what data they can see or modify (scope control).
RBAC governs access by assigning one or more Permission Groups to a Role. A role represents a functional profile, such as Administrator, Manager, or Standard User, and determines a user's overall capability within the system. For more information, see Role-Based Access Control (RBAC).
PBAC extends RBAC by allowing administrators to control access dynamically, based on the properties of each record, not just user role or ownership. This ensures access is aligned with real-world business rules and data classifications. For more information, see Property-Based Access Control (PBAC).
Roles
- A role is a container for permissions.
- Each role can include one or more permission groups.
- Roles simplify administration by allowing you to assign predefined access sets to users.
Permission Groups
A permission group defines the specific actions a user can perform, including:
- Object-Level Permissions: Access to create, read, update, or delete objects.
- Field-Level Permissions: Access to view or edit specific fields.
- Scope-Level Permissions: Additional controls to restrict record-level access using Global, Account, User, or Property scopes.
Scope Levels in Access Control
While RBAC defines broad capabilities, scope levels determine which data records a user can access. The Conga Advantage Platform provides four scope types within Permission Groups:
- Global Scope: Grants access to records based on simple criteria, without relying on ownership or user relationships.
- Account Scope: Controls which Accounts and related records the group can access.
- User Scope: Controls access based on user-to-user or team relationships.
- Property Scope: Enables access based on specific property values on a record.
How RBAC and PBAC Work Together
- RBAC determines what a user can do (object and field permissions) and which records the user can see.
- PBAC determines which records the user can see or modify based on the values of the property fields.
- Permission Groups bridge the two by combining object permissions with scope definitions.
- Roles bring multiple permission groups together to define a user's complete access profile.
This layered approach ensures administrators can configure broad functional access while maintaining fine-grained control over data visibility and security.
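The following sketch is an added example, not Conga's implementation or API: it models a role as a container of permission groups, each pairing object and field permissions with a scope check, and evaluates requests with default deny. Assumptions: access is granted if any one group in the role allows it, all group, field, and record names are hypothetical, and only Global, User, and Property scopes are modelled.

```python
from dataclasses import dataclass
from typing import Callable

@dataclass(frozen=True)
class PermissionGroup:
    name: str
    object_perms: dict      # object name -> set of create/read/update/delete
    editable_fields: dict   # object name -> set of field names the group may edit
    in_scope: Callable      # (user, record) -> True if the record is in scope

@dataclass(frozen=True)
class Role:
    name: str
    groups: tuple           # a role is a container of permission groups

def global_scope(user, record):
    return True             # no ownership or relationship test

def user_scope(user, record):
    return record.get("owner") == user

def property_scope(prop, allowed):
    return lambda user, record: record.get(prop) in allowed

def can(role, user, action, record, field_name=None):
    """Assumed semantics: allow if ANY group grants the action on the object,
    has the record in scope and, for a field edit, lists the field."""
    obj = record["object"]
    for g in role.groups:
        if action not in g.object_perms.get(obj, set()):
            continue
        if not g.in_scope(user, record):
            continue
        if field_name is not None and field_name not in g.editable_fields.get(obj, set()):
            continue
        return True
    return False  # default deny

# Constructed sample data (hypothetical names, not from the product)
READER = PermissionGroup("Agreement Reader", {"Agreement": {"read"}}, {}, global_scope)
EDITOR = PermissionGroup("Public Agreement Editor", {"Agreement": {"read", "update"}},
                         {"Agreement": {"Status"}},
                         property_scope("Classification", {"Public"}))
OWNER = PermissionGroup("Own Record Cleanup", {"Agreement": {"delete"}}, {}, user_scope)
MANAGER = Role("Manager", (READER, EDITOR, OWNER))
PUBLIC = {"object": "Agreement", "owner": "alice", "Classification": "Public"}
CONFIDENTIAL = {"object": "Agreement", "owner": "alice", "Classification": "Confidential"}
```

Under the assumed any-group-grants rule, the global-scope reader group lets a user read the Confidential record even though the editor group is limited to Public records, so the groups in a role should be reviewed together rather than one at a time.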
