Users can have the following permissions:
Login - the permission to log in to the application. Without it, the user cannot log in.
Receive packages - the permission to receive packages. Without it, the user cannot receive packages (packages cannot be addressed to him).
Send packages - the permission to send packages
Receive packages
...
. Without it, the user cannot send new packages.
Public - the permission to send public packages.
Internal - the permission to send internal packages.
Private - the permission to send private packages.
Use the briefcase - specifies whether the user has access to the briefcase feature, which facilitates the easy sending of packages "to oneself". This permission has an effect only if the administrator has enabled the briefcase function in the "only selected" mode (in Settings - Configuration - Packages - General).
Download files without login password - the permission to download package files without reentering the login password. Without it, the user must reenter his login password before each download. Users from ADFS cannot have this permission revoked, because they log in outside of the application.
Download files from own sent packages - enables the user to download files from his own sent packages. This permission has effect only if an administrator set the mode to “only selected“ for function in Settings - Configuration - Packages - Access control - Users can download files from their own sent packages. Revoking this permission limits one of the options of how to get files outside the organization, if the user logs in from outside of the organization.
Encrypt outgoing packages with a password - the permission to enable encryption of package files using the package password (key derived from the password). The packages encrypted with a password will not be accessible to anyone who does not have the password (not even to an administrator), because the password is required for decryption. This permission has effect only if an administrator enabled the encryption feature and set the mode to “only selected“ for registered users (in Settings - Configuration - Data encryption).
Do not enforce a multifactor authentication - If enforcing of multifactor authentication is enabled for users (in Settings - Configuration - Users), granting this permission allows to make an exception for a user from this enforcement.
Approve sending of packages - the permission to see and approve packages waiting to be sent from users, whose packages must be approved before being sent.
Access all packages that require approval - specifies whether the user can access all packages subject to approval. If not, he can only see the packages for which he is assigned as the preferred approver. This permission only has an effect if the administrator has enabled the "selected only" mode for approver access to all packages (in Settings - Configuration - Packages - Approval of sending).
Send packages without additional approval - the permission to send packages directly, without waiting for approval by an authorized user (auditor). This permission has effect only if an administrator set the mode to “only selected“ for function in Settings - Configuration - Packages - Approval of sending - Mandatory approval of user's packages to be sent.
Select the approver of packages to be sent - specifies, whether the user can choose his preferred approvers, that approve the packages he is sending. If yes, he sets them in his user profile. If no and he needs them, the administrator should set them for him. This permission only has an effect if the administrator has enabled the "selected only" mode for users choosing their approvers (in Settings - Configuration - Packages - Approval of sending).
Send packages to yourself - enables the user to send packages to himself. This permission has effect only if an administrator set the mode to “only selected“ for function in Settings - Configuration - Packages - Access control - Users can send packages to themselves. Revoking this permission limits one of the options of how to get files outside the organization, if the user logs in from outside of the organization.
Access to detailed check results - permission to display detailed results of checks of individual files in packages, similar to an administrator. This permission only has an effect if the administrator has set the "selected only" mode for the feature in Settings - Configuration - Users - Access detailed results of file checks for logged-in users.
Create cooperative packages - permission for the user to create new cooperative packages. This permission only has an effect if the administrator has set the "selected only" mode for the feature in Settings - Configuration - Packages - General - Users can create cooperative packages.
Set a package as persistent - allows the user to set his package as persistent. Such a package will not expire (be deleted) and will be active and accessible until the user od administrator deletes it manually or removes the persistent setting.
Persistent account - users with this permission will be exempt from the automatic account locking and deletion after inactivity and so will not be automatically locked nor deleted.
Newly created users have the permissions set according to Settings - Configuration - Users. The administrator can modify them afterwards, if needed.