Skip to main content

Search

Pinnacle Series Admin Features

Admin features for Pinnacle Series.

EP background

Permissions & Visibility in Pinnacle Series - FAQ

Applies To:

All administrators.

 

Common Causes/Issues:

Your definitive enterprise guide to mastering roles, permissions, and scalable group access in Pinnacle Series—engineered for secure governance and simplified administration.
 

Solution Overview:

Understanding Role Types

Each role in Pinnacle Series serves a distinct purpose. Combining them correctly ensures the right level of access, control, and responsibility without introducing risk or unnecessary complexity.

  • Content Author: Creates content but cannot publish.
  • Content Publisher: Publishes approved content to shared libraries.
  • Content Admin: Oversees folder structure, metadata, and content strategy.
  • Assignment Admin: Assigns content at an enterprise level.
  • Assignor: Assigns content to visible users or child groups (limited visibility).
  • Admin: Controls user provisioning, authentication, platform settings.

 

Permission Inheritance: What It Really Means

Inherit Permissions means a user will receive the role(s) assigned to the group they belong to. It does not cascade to child groups. Group hierarchy only impacts visibility for assignments and reports.

Example:

  • If “Content Publisher” is assigned to a group, and “Inherit Permissions” is enabled, all users in that group get publishing rights.
  • If a user is in a child group, they will not receive permissions from the parent group.

 

Visibility vs. Permissions

Group membership affects assignment visibility but not permissions.

  • Permissions: Defined by roles assigned directly or via 'Inherit Permissions'.
  • Visibility: Defined by group hierarchy—useful for department managers to assign within their teams.

 

Frequently Asked Questions

Do permissions cascade down to child groups?

No. Permissions do not cascade. Group hierarchies affect visibility for assignments and reporting only. Use “Inherit Permissions” at the group level to assign roles to members of that specific group.

 

What’s the difference between an Assignor and Assignment Admin?

Assignor: Can assign learning only to users they can see (typically their own group or child groups).
Assignment Admin: Can assign to all users across the platform.

 

Can a user have multiple roles?

Yes, users can hold multiple roles. For example, a Content Admin may also be an Assignor. Be cautious with combined roles to avoid unintended access.

 

Can a Group Owner assign content?

Only if they are also assigned the Assignor role. Group Owner alone provides visibility over users in the group and child groups, but not assignment capability.

 

How does "Inherit Permissions" work?

When enabled, users automatically receive the roles assigned to the group they belong to. It does not apply roles from parent or child groups—only the specific group itself.

 

What happens if multiple roles are assigned?

The user receives the combined access of all assigned roles. For example, a Content Publisher + Assignor will be able to both publish content and assign it to visible users.

 

How can we test permissions before rollout?

Use a test user account and apply roles incrementally. Log in as the test user to verify what they can see and do. Avoid testing with full Admin rights, as it overrides other visibility controls.

 

Role Comparison Table

Role Content Creation Content Publishing Assign Learning Library Management Visibility Scope Notes Typical Use Case
Admin ✅ Platform config All users & groups Manages users, security, SSO, branding IT/System Admin
Content Administrator ✅ All content ✅ All libraries ✅ Full library control All shared libraries Owns templates, visibility, metadata Head of Learning
Content Publisher ✅ Shared libraries ✅ Shared libraries Assigned libraries Manages metadata & content Regional Trainer
Content Author ✅ Drafts only Assigned draft areas Creates & tags content only SME or Technical Writer
Assignment Admin ✅ All users Full platform Auto-enroll & approve external learning Global L&D Coordinator
Assignor ✅ Visible users only Groups they manage/own Use Inherit Permissions for nested visibility Department Manager


Quick Role Overview

  • Admin: Manages users, SSO, security - no content control.
  • Content Admin: Owns content visibility, structure, and library governance.
  • Publisher: Publishes approved content into shared libraries.
  • Author: Creates drafts, submits for publishing.
  • Assignment Admin: Assigns and manages learning across the org.
  • Assignor: Assigns content to teams they manage or own.
Inherit Permissions Explained: When ON, a user inherits the permissions assigned to their group. It does NOT cascade permissions to child groups. However, Assignors and Group Owners can see users in parent and child groups for assignment purposes.


Permission Scenarios: What Could Go Wrong?

  • Too Many Admins: Increases the risk of accidental global changes or security missteps.
  • Assignor Assigned Outside Their Group: Leads to assignment errors or visibility conflicts.
  • Content Author Without Publisher: Drafts pile up with no one to review or publish them.
  • Overlapping Library Permissions: Confusion over content ownership and visibility.
  • Inconsistent Folder Naming: Hurts searchability and makes metadata tagging less effective.
Best Practice: Define clear ownership for each role. Limit Admins, use Content Admins for visibility control, and leverage Assignors only within their teams.


Governance Scenarios

Scenario Recommended Role & Setting
Local team lead needs to assign onboarding Assignor in their group with Inherit ON
Content expert needs to draft a guide Content Author in one library
Regional manager needs oversight only Group Owner with no elevated role
Global training team needs to track compliance Assignment Admin


Governance Golden Rules

  • Assign only what’s needed: Follow least privilege—start small, scale as needed.
  • Use group-based roles: Helps with scalability, audits, and clarity.
  • Separate content and assignment roles: Avoid overlapping responsibilities that cause confusion.
  • Review inherited permissions regularly: Confirm they align with actual responsibilities.
  • Limit Admin rights: Only users who configure system-wide settings should have this role.
Tip: Always pair elevated roles with tight library or group scoping to avoid overexposure.


Role-Based Use Cases 

Click arrow to expand each section:

Content Publisher
  • Edit and publish updated SOPs for regional teams
  • Manage training events in specific libraries
  • Update video transcripts in shared content
Content Author
  • Draft learning content for new software rollout
  • Create workflow steps to be reviewed by a Publisher
  • Validate folder restrictions for sensitive content
Admin
  • Confirm roles match job functions (least privilege)
  • Configure SSO and enforce login policies
  • Customize branding for department-level portals
Content Administrator
  • Publish required training to specific teams
  • Manage certificates and transcripts
  • Organize library access by business unit
Assignment Admin
  • Set up auto-enrollments across all departments
  • Review and approve external learning globally
  • Monitor learning completion company-wide
Assignor
  • Assign onboarding to direct reports
  • Track learning for owned teams or projects
  • View child groups if Inherit Permissions is on


Role Decision Grid

Need Recommended Role
Create draft content, no publish rights Content Author
Publish reviewed content into shared libraries Content Publisher
Control folder visibility and metadata tagging Content Administrator
Assign training across all business units Assignment Admin
Assign content within a specific team or group Assignor
Manage SSO, users, and settings — no content access Admin


Related Article(s):

Explanation of Pinnacle Series Platform Permissions

Pinnacle Series Terminology for Users with Elevated Permissions

 

Still Need Help?

Log a support ticket