Each user in Graphite Connect is assigned a role and can also be assigned specific system permissions. This article explains user roles, onboarding permissions, topic ownership, and user groups.
Connection Role (buyer vs. seller)
Both buyers and sellers have similar views in Graphite, but their default view depends on what role they have set.
Buyer:
These users have a “request new supplier” link on the homepage and a link to the list of Suppliers in the top navigation.
Buyers see the information a supplier shares, such as W9, banking information, and compliance details. Buyers do not see that information for their own company.
Sensitive tax and banking information of suppliers is restricted unless these users additionally have the "bank" or "tax" permission.
Seller:
These users do not have a “request new supplier” link on the homepage. They have a link to the list of Customers in the top navigation.
Sellers see the information a customer shares, such as where to send an invoice.
Sensitive tax and banking information of customers is always restricted. Sensitive tax and banking information of their supplier profile is restricted unless these users additionally have the "bank" or "tax" permission.
Both:
These users have the permissions of both Buyers and Sellers, and have the ability to request a new supplier. Users with Both selected will also choose which view should be their default. These users also have access to both the Suppliers and Customers lists in the top navigation.
System Permissions
Admin:
These users manage the company account and receive assignments to otherwise unassigned tasks.
User Admin:
These users have the ability to manage users, user groups, and associated permissions.
IT Admin:
These users manage the company API keys, view integrations pages and audit logs.
Cancel Connection:
These users have the ability to disconnect from a supplier.
Tax:
Permits users to access W9s, SSNs, and other tax numbers that are considered PII once authenticated. (See buyer vs. seller rule above - buyers can view the supplier’s information, but will not have access to view this information for their own company.)
Banking:
Permits users to access IBAN and bank account numbers once authenticated. (See buyer vs. seller rule above - buyers can view the supplier’s information, but will not have access to view this information for their own company.)
Onboarding Permissions
Final Invite Approval:
This is an optional role that allows the buying entity to create an approval process for outgoing invitations. If used, your company can designate a user to review either all invitations or particular invitations based on your company’s requirements.
Final Review Approval:
This is an optional role. Most commonly used when a supplier is rejected during one of the compliance topic reviews. Users in this role will have the ability to push the supplier through the process as appropriate or disconnect from the supplier until the business engagement changes.
Final Connect Approval:
This is an optional role, but often used as a final approval before marking connections as complete and syncing vendor records with the ERP.
Topic Ownership
Every distinct group of questions in Graphite Connect is referred to as a Topic. Users who are assigned “topic ownership” will receive task assignments and message notifications for their topic.
Examples:
- Information Security topic owners will be assigned tasks when a supplier has moved to Review and an Information Security review is required
- Information Security topic owners will receive messages during back-and-forth communication with the supplier
- The Sales, Order, and Payment topic owner will receive a confirmation task when the supplier
updates their bank details
When no topic owner exists, these tasks will be assigned broadly to all admins with the buyer role.
User Groups
Buying entities with robust business requirements can leverage user groups for custom permissions and advanced task segmentation.
Task segmentation
For system groups such as Onboarding Permissions and Topics, task rules and assignments can be triggered on any data point and any logic.
Examples:
- Assign task based on supplier country of registration
- Require review by Person A when spend exceeds $50,000, and Person B when spend exceeds $100,000
- Require review by Procurement when supplier type = VAR before sending invitation
Custom configurations
Both system groups and custom user groups can be used when a company needs to create special permissions for certain groups of users. Graphite Connect can support whatever use case you can think of.
Potential use cases:
- Restrict the Information Security topic so only topic owners can view supplier answers in the Information Security topic or kick off a supplier rescreen
- Restrict the ability to see the email addresses (PI) in the Sales, Order, and Payment topic and Information Security topic
- Only allow certain users to start the invitation process for a specific type of supplier (e.g. Rebate, Royalty, etc.)
- Send notifications to a group of users based on a custom trigger event
- Note: Users in the Non-Network Requests group are the only people who can create a Non-Network supplier (this custom group is built by default)
For more information on how these permissions apply to Buying organizations, see: User Permissions for Buyers >